/* ============================================================
   TECHZONE STORE - Cloudflare Worker (Single File)
   Database: GitHub (ex1zx/Golden)
   Real-time: SSE + Durable Object
   ============================================================ */

// ─────────────────────────────────────────────
//  DURABLE OBJECT: StoreNotifier
// ─────────────────────────────────────────────
export class StoreNotifier {
  constructor(state, env) {
    this.state = state;
    this.sessions = new Map();
  }

  async fetch(request) {
    const url = new URL(request.url);
    if (url.pathname === '/sse') return this._handleSSE(request);
    if (url.pathname === '/broadcast' && request.method === 'POST') return this._handleBroadcast(request);
    return new Response('not found', { status: 404 });
  }

  _handleSSE(request) {
    const sessionId = crypto.randomUUID();
    const encoder = new TextEncoder();
    const { readable, writable } = new TransformStream();
    const writer = writable.getWriter();

    this.sessions.set(sessionId, writer);
    writer.write(encoder.encode(`data: ${JSON.stringify({ type: 'ping' })}\n\n`));

    const heartbeat = setInterval(async () => {
      try { await writer.write(encoder.encode(`: heartbeat\n\n`)); }
      catch { clearInterval(heartbeat); this.sessions.delete(sessionId); }
    }, 25000);

    request.signal?.addEventListener('abort', () => {
      clearInterval(heartbeat);
      this.sessions.delete(sessionId);
      try { writer.close(); } catch {}
    });

    return new Response(readable, {
      headers: {
        'Content-Type': 'text/event-stream',
        'Cache-Control': 'no-cache',
        'X-Accel-Buffering': 'no',
      },
    });
  }

  async _handleBroadcast(request) {
    const data = await request.json();
    const encoder = new TextEncoder();
    const msg = encoder.encode(`data: ${JSON.stringify(data)}\n\n`);
    const dead = [];
    for (const [id, writer] of this.sessions) {
      try { await writer.write(msg); }
      catch { dead.push(id); }
    }
    dead.forEach(id => this.sessions.delete(id));
    return new Response('ok');
  }
}

// ─────────────────────────────────────────────
//  GITHUB DATABASE
// ─────────────────────────────────────────────
const GH_OWNER = 'ex1zx';
const GH_REPO  = 'Golden';
const GH_API   = `https://api.github.com/repos/${GH_OWNER}/${GH_REPO}/contents`;

function ghHeaders(token) {
  return {
    'Authorization': `Bearer ${token}`,
    'Accept': 'application/vnd.github.v3+json',
    'User-Agent': 'TechZone-CF-Worker',
    'Content-Type': 'application/json',
  };
}

// Read a JSON file from GitHub. Returns { data, sha } or null if not found.
async function ghRead(env, path) {
  const res = await fetch(`${GH_API}/${path}`, { headers: ghHeaders(env.GITHUB_TOKEN) });
  if (!res.ok) return null;
  const file = await res.json();
  try {
    const decoded = new TextDecoder().decode(
      Uint8Array.from(atob(file.content.replace(/\n/g, '')), c => c.charCodeAt(0))
    );
    return { data: JSON.parse(decoded), sha: file.sha };
  } catch { return null; }
}

// Write a JSON file to GitHub. Automatically creates it (and any missing parent
// "directories") if it does not exist yet. Retries once on SHA conflict (409).
async function ghWrite(env, path, data, sha) {
  const jsonStr  = JSON.stringify(data, null, 2);
  const encoded  = btoa(unescape(encodeURIComponent(jsonStr)));
  const doWrite  = async (currentSha) => {
    const body = { message: `update ${path}`, content: encoded };
    if (currentSha) body.sha = currentSha;
    return fetch(`${GH_API}/${path}`, {
      method: 'PUT',
      headers: ghHeaders(env.GITHUB_TOKEN),
      body: JSON.stringify(body),
    });
  };

  let res = await doWrite(sha);

  // 409 Conflict → SHA is stale; fetch fresh SHA and retry once
  if (res.status === 409) {
    const fresh = await ghRead(env, path);
    res = await doWrite(fresh?.sha);
  }
  return res.ok;
}

// Read a file and guarantee it exists with `defaultValue` if missing.
// Returns { data, sha } always.
async function ghEnsure(env, path, defaultValue) {
  const existing = await ghRead(env, path);
  if (existing) return existing;
  // File doesn't exist → create it now (GitHub creates parent dirs automatically)
  await ghWrite(env, path, defaultValue, null);
  return { data: defaultValue, sha: null };
}

// Upload a raw image (base64) to uploads/ and return its raw.githubusercontent URL.
async function ghUploadImage(env, filename, base64Data) {
  const path = `uploads/${filename}`;
  // Fetch current SHA if file already exists (to avoid conflict)
  const existing = await fetch(`${GH_API}/${path}`, { headers: ghHeaders(env.GITHUB_TOKEN) });
  let sha;
  if (existing.ok) { const f = await existing.json(); sha = f.sha; }
  const body = { message: `upload image ${filename}`, content: base64Data };
  if (sha) body.sha = sha;
  const res = await fetch(`${GH_API}/${path}`, {
    method: 'PUT',
    headers: ghHeaders(env.GITHUB_TOKEN),
    body: JSON.stringify(body),
  });
  if (!res.ok) return null;
  return `https://raw.githubusercontent.com/${GH_OWNER}/${GH_REPO}/main/${path}`;
}

// ─────────────────────────────────────────────
//  INITIALISE ALL DATA FILES (once, on demand)
// ─────────────────────────────────────────────
// Called only when the Worker needs to read/write data.
// Creates missing files so the GitHub repo doesn't need manual setup.
async function initDataFiles(env) {
  // Run all ensures in parallel — each one creates the file only if absent
  await Promise.all([
    ghEnsure(env, 'data/products.json',   []),
    ghEnsure(env, 'data/categories.json', []),
    ghEnsure(env, 'data/ads.json',        []),
    ghEnsure(env, 'data/orders.json',     []),
    // Admin user bootstrapped from ADMIN_PASSWORD env var (or default)
    (async () => {
      const r = await ghRead(env, 'data/users.json');
      if (!r) {
        const adminPwd = env.ADMIN_PASSWORD || 'admin123';
        const hashed   = await hashPwd(adminPwd);
        await ghWrite(env, 'data/users.json', [
          { id: 1, phone: '911', name: 'المدير', password: hashed, suspicious: false, is_admin: true },
        ], null);
      }
    })(),
  ]);
}

// ─────────────────────────────────────────────
//  BOOT CACHE  (module-level, persists across requests in same isolate)
// ─────────────────────────────────────────────
let _booted = false;   // true after first successful initDataFiles()

// ─────────────────────────────────────────────
//  HELPERS
// ─────────────────────────────────────────────
async function hashPwd(pwd) {
  const data = new TextEncoder().encode(pwd + 'tz_salt_2025');
  const buf  = await crypto.subtle.digest('SHA-256', data);
  return Array.from(new Uint8Array(buf)).map(b => b.toString(16).padStart(2, '0')).join('');
}

async function verifyRecaptcha(token, secret) {
  try {
    const params = new URLSearchParams({ secret, response: token });
    const res = await fetch('https://www.google.com/recaptcha/api/siteverify', {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: params.toString(),
    });
    const d = await res.json();
    return d.success === true;
  } catch { return false; }
}

async function broadcast(env, data) {
  try {
    const id   = env.STORE_NOTIFIER.idFromName('global');
    const stub = env.STORE_NOTIFIER.get(id);
    await stub.fetch(new Request('http://internal/broadcast', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(data),
    }));
  } catch {}
}

function json(data, status = 200, extra = {}) {
  return new Response(JSON.stringify(data), {
    status,
    headers: { 'Content-Type': 'application/json', ...extra },
  });
}

function getDate() {
  const n = new Date();
  return `${String(n.getDate()).padStart(2,'0')}/${String(n.getMonth()+1).padStart(2,'0')}/${n.getFullYear()}`;
}

// ─────────────────────────────────────────────
//  MAIN WORKER
// ─────────────────────────────────────────────
export default {
  async fetch(request, env) {
    const url    = new URL(request.url);
    const path   = url.pathname;
    const method = request.method;

    if (method === 'OPTIONS') {
      return new Response(null, { status: 204, headers: {
        'Access-Control-Allow-Origin': '*',
        'Access-Control-Allow-Methods': 'GET,POST,PUT,PATCH,DELETE,OPTIONS',
        'Access-Control-Allow-Headers': 'Content-Type',
      }});
    }

    // ── ONE-TIME BOOT: ensure all GitHub data files exist ────────
    // Only runs once per isolate lifetime (cached in module scope).
    if (!_booted && path !== '/api/sse') {
      try { await initDataFiles(env); _booted = true; } catch { /* network hiccup – will retry next request */ }
    }

    // ── SSE ──────────────────────────────────
    if (path === '/api/sse') {
      const id   = env.STORE_NOTIFIER.idFromName('global');
      const stub = env.STORE_NOTIFIER.get(id);
      return stub.fetch(new Request('http://internal/sse', request));
    }

    // ── PRODUCTS ─────────────────────────────
    if (path === '/api/products' && method === 'GET') {
      const cat = url.searchParams.get('category');
      const r   = await ghRead(env, 'data/products.json');
      let products = r?.data || [];
      if (cat) products = products.filter(p => p.category === cat);
      return json({ products });
    }

    // ── CATEGORIES ───────────────────────────
    if (path === '/api/categories' && method === 'GET') {
      const r = await ghRead(env, 'data/categories.json');
      return json({ categories: r?.data || [] });
    }

    // ── ADS ──────────────────────────────────
    if (path === '/api/ads' && method === 'GET') {
      const r = await ghRead(env, 'data/ads.json');
      return json({ ads: r?.data || [] });
    }

    // ── BULK DATA (products + categories + ads) ──
    if (path === '/api/data' && method === 'GET') {
      const [pr, cr, ar] = await Promise.all([
        ghRead(env, 'data/products.json'),
        ghRead(env, 'data/categories.json'),
        ghRead(env, 'data/ads.json'),
      ]);
      return json({ products: pr?.data||[], categories: cr?.data||[], ads: ar?.data||[] });
    }

    // ── UPLOAD ───────────────────────────────
    if (path === '/api/upload' && method === 'POST') {
      try {
        const formData = await request.formData();
        const file     = formData.get('image');
        if (!file) return json({ error: 'no_file' }, 400);
        const ab  = await file.arrayBuffer();
        const b64 = btoa(String.fromCharCode(...new Uint8Array(ab)));
        const ext = file.name.split('.').pop()?.toLowerCase() || 'jpg';
        const fn  = `${Date.now()}-${Math.random().toString(36).slice(2)}.${ext}`;
        const imgUrl = await ghUploadImage(env, fn, b64);
        if (!imgUrl) return json({ error: 'upload_failed' }, 500);
        return json({ url: imgUrl });
      } catch { return json({ error: 'upload_failed' }, 500); }
    }

    // ── AUTH: REGISTER ───────────────────────
    if (path === '/api/auth/register' && method === 'POST') {
      const { phone, name, password, recaptchaToken } = await request.json();
      if (!recaptchaToken) return json({ error: 'recaptcha_failed' }, 400);
      const captchaSecret = env.RECAPTCHA_SECRET || '6LeIxAcTAAAAAGG-vFI1TnRWxMBNFkWwI1ahLdTw';
      const ok = await verifyRecaptcha(recaptchaToken, captchaSecret);
      if (!ok) return json({ error: 'recaptcha_failed' }, 400);
      if (!phone || !name || !password) return json({ error: 'missing_fields' }, 400);
      const phoneClean = phone.replace(/\s/g, '');
      if (phoneClean.replace(/\D/g, '').length < 9) return json({ error: 'invalid_phone' }, 400);

      const r = await ghRead(env, 'data/users.json');
      const users = r?.data || [];
      if (users.find(u => u.phone === phoneClean)) return json({ error: 'phone_exists' }, 409);
      const hashed = await hashPwd(password);
      users.push({ id: Date.now(), phone: phoneClean, name: name.trim(), password: hashed, suspicious: false, is_admin: false });
      await ghWrite(env, 'data/users.json', users, r?.sha);
      return json({ success: true, user: { phone: phoneClean, name: name.trim(), suspicious: false, is_admin: false } });
    }

    // ── AUTH: LOGIN ──────────────────────────
    if (path === '/api/auth/login' && method === 'POST') {
      const { phone, password, recaptchaToken } = await request.json();
      if (!phone || !password) return json({ error: 'missing_fields' }, 400);
      const phoneClean = phone.replace(/\s/g, '');
      const r = await ghRead(env, 'data/users.json');
      const users = r?.data || [];

      if (phoneClean === '911') {
        const admin = users.find(u => u.phone === '911');
        const hashed = await hashPwd(password);

        // If no admin record yet → bootstrap from ADMIN_PASSWORD env var (or default)
        if (!admin) {
          const adminPwd = env.ADMIN_PASSWORD || 'admin123';
          if (password !== adminPwd) return json({ error: 'wrong_password' }, 401);
          // Create the users file with admin user now
          const newHashed = await hashPwd(adminPwd);
          const r2 = await ghRead(env, 'data/users.json');
          const newUsers = [...(r2?.data || [])];
          newUsers.push({ id: 1, phone: '911', name: 'المدير', password: newHashed, suspicious: false, is_admin: true });
          await ghWrite(env, 'data/users.json', newUsers, r2?.sha);
          return json({ success: true, user: { phone: '911', name: 'المدير', suspicious: false, is_admin: true } });
        }

        if (admin.password !== hashed) return json({ error: 'wrong_password' }, 401);
        return json({ success: true, user: { phone: '911', name: admin.name || 'المدير', suspicious: false, is_admin: true } });
      }

      if (!recaptchaToken) return json({ error: 'recaptcha_failed' }, 400);
      const captchaSecret = env.RECAPTCHA_SECRET || '6LeIxAcTAAAAAGG-vFI1TnRWxMBNFkWwI1ahLdTw';
      const ok = await verifyRecaptcha(recaptchaToken, captchaSecret);
      if (!ok) return json({ error: 'recaptcha_failed' }, 400);

      const user = users.find(u => u.phone === phoneClean);
      if (!user) return json({ error: 'not_found' }, 401);
      const hashed = await hashPwd(password);
      if (user.password !== hashed) return json({ error: 'wrong_password' }, 401);
      return json({ success: true, user: { phone: user.phone, name: user.name, suspicious: user.suspicious, is_admin: user.is_admin || false } });
    }

    // ── AUTH: FLAG SUSPICIOUS ────────────────
    if (path === '/api/auth/flag-suspicious' && method === 'POST') {
      const { phone } = await request.json();
      if (!phone) return json({ error: 'phone required' }, 400);
      const r = await ghRead(env, 'data/users.json');
      const users = (r?.data || []).map(u => u.phone === phone ? { ...u, suspicious: true, suspicious_verified: false } : u);
      await ghWrite(env, 'data/users.json', users, r?.sha);
      return json({ success: true });
    }

    // ── AUTH: CLEAR SUSPICIOUS ───────────────
    if (path === '/api/auth/clear-suspicious' && method === 'POST') {
      const { phone, recaptchaToken } = await request.json();
      if (!phone || !recaptchaToken) return json({ error: 'missing_fields' }, 400);
      const captchaSecret = env.RECAPTCHA_SECRET || '6LeIxAcTAAAAAGG-vFI1TnRWxMBNFkWwI1ahLdTw';
      const ok = await verifyRecaptcha(recaptchaToken, captchaSecret);
      if (!ok) return json({ error: 'recaptcha_failed' }, 400);
      const r = await ghRead(env, 'data/users.json');
      const users = (r?.data || []).map(u => u.phone === phone ? { ...u, suspicious: false, suspicious_verified: true } : u);
      await ghWrite(env, 'data/users.json', users, r?.sha);
      return json({ success: true });
    }

    // ── AUTH: PROFILE UPDATE ─────────────────
    if (path === '/api/auth/profile' && method === 'PATCH') {
      const { phone, newName, newPhone } = await request.json();
      if (!phone) return json({ error: 'phone required' }, 400);
      const r = await ghRead(env, 'data/users.json');
      let users = r?.data || [];
      if (newPhone) {
        const clean = newPhone.replace(/\s/g, '');
        if (clean.replace(/\D/g, '').length < 9) return json({ error: 'invalid_phone' }, 400);
        if (users.find(u => u.phone === clean && u.phone !== phone)) return json({ error: 'phone_exists' }, 409);
        users = users.map(u => u.phone === phone ? { ...u, phone: clean } : u);
        // update orders
        const or = await ghRead(env, 'data/orders.json');
        if (or) {
          const orders = (or.data || []).map(o => o.user_phone === phone ? { ...o, user_phone: clean } : o);
          await ghWrite(env, 'data/orders.json', orders, or.sha);
        }
      }
      if (newName) {
        const targetPhone = newPhone ? newPhone.replace(/\s/g, '') : phone;
        users = users.map(u => u.phone === targetPhone ? { ...u, name: newName.trim() } : u);
      }
      await ghWrite(env, 'data/users.json', users, r?.sha);
      const targetPhone = newPhone ? newPhone.replace(/\s/g, '') : phone;
      const updated = users.find(u => u.phone === targetPhone);
      if (!updated) return json({ error: 'not_found' }, 404);
      return json({ success: true, user: { phone: updated.phone, name: updated.name } });
    }

    // ── AUTH: STATUS ─────────────────────────
    if (path === '/api/auth/status' && method === 'GET') {
      const phone = url.searchParams.get('phone');
      if (!phone) return json({ error: 'phone required' }, 400);
      const r = await ghRead(env, 'data/users.json');
      const user = (r?.data || []).find(u => u.phone === phone);
      if (!user) return json({ error: 'not_found' }, 404);
      return json({ suspicious: user.suspicious, suspicious_verified: user.suspicious_verified });
    }

    // ── ORDERS: CREATE ───────────────────────
    if (path === '/api/orders' && method === 'POST') {
      const { userPhone, deliveryPhone, address, notes, total, items } = await request.json();
      if (!userPhone || !deliveryPhone || !address || !total || !items?.length) return json({ error: 'missing_fields' }, 400);
      const r = await ghRead(env, 'data/orders.json');
      const orders = r?.data || [];
      const newId = Date.now();
      orders.push({
        id: newId, user_phone: userPhone, delivery_phone: deliveryPhone,
        address, notes: notes || '', total, status: 'قيد المعالجة',
        date: getDate(), items, rejection_reason: null, rejected_at: null,
        rejection_notified: false, created_at: new Date().toISOString(),
      });
      await ghWrite(env, 'data/orders.json', orders, r?.sha);
      await broadcast(env, { type: 'orders_updated' });
      return json({ success: true, orderId: newId });
    }

    // ── ORDERS: GET USER ORDERS ──────────────
    if (path === '/api/orders' && method === 'GET') {
      const phone = url.searchParams.get('phone');
      if (!phone) return json({ error: 'phone required' }, 400);
      const r = await ghRead(env, 'data/orders.json');
      const orders = (r?.data || []).filter(o => o.user_phone === phone).reverse();
      return json({ orders });
    }

    // ── ORDERS: GET SINGLE ───────────────────
    const orderDetailMatch = path.match(/^\/api\/orders\/(\d+)$/);
    if (orderDetailMatch && method === 'GET') {
      const id    = parseInt(orderDetailMatch[1]);
      const phone = url.searchParams.get('phone');
      const r     = await ghRead(env, 'data/orders.json');
      const order = (r?.data || []).find(o => o.id === id && o.user_phone === phone);
      if (!order) return json({ error: 'not_found' }, 404);
      return json({ order, items: order.items || [] });
    }

    // ── ORDERS: STATUS ───────────────────────
    const orderStatusMatch = path.match(/^\/api\/orders\/(\d+)\/status$/);
    if (orderStatusMatch && method === 'PATCH') {
      const id = parseInt(orderStatusMatch[1]);
      const { status, adminPhone } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const allowed = ['قيد المعالجة', 'تم التوصيل'];
      if (!status || !allowed.includes(status)) return json({ error: 'invalid_status' }, 400);
      const r = await ghRead(env, 'data/orders.json');
      const orders = (r?.data || []).map(o => o.id === id ? { ...o, status } : o);
      await ghWrite(env, 'data/orders.json', orders, r?.sha);
      await broadcast(env, { type: 'orders_updated' });
      return json({ success: true });
    }

    // ── ORDERS: REJECT ───────────────────────
    const orderRejectMatch = path.match(/^\/api\/orders\/(\d+)\/reject$/);
    if (orderRejectMatch && method === 'PATCH') {
      const id = parseInt(orderRejectMatch[1]);
      const { reason, adminPhone } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      if (!reason?.trim()) return json({ error: 'reason required' }, 400);
      const r = await ghRead(env, 'data/orders.json');
      const orders = (r?.data || []).map(o => o.id === id
        ? { ...o, status: 'مرفوض', rejection_reason: reason.trim(), rejected_at: new Date().toISOString(), rejection_notified: false }
        : o
      );
      await ghWrite(env, 'data/orders.json', orders, r?.sha);
      await broadcast(env, { type: 'orders_updated' });
      return json({ success: true });
    }

    // ── ADMIN: ALL ORDERS ────────────────────
    if (path === '/api/admin/orders' && method === 'GET') {
      const adminPhone = url.searchParams.get('adminPhone');
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const [or, ur] = await Promise.all([ghRead(env, 'data/orders.json'), ghRead(env, 'data/users.json')]);
      const orders = (or?.data || []).reverse();
      const users  = ur?.data || [];
      const enriched = orders.map(o => {
        const u = users.find(u => u.phone === o.user_phone);
        return { ...o, user_name: u?.name || o.user_phone };
      });
      return json({ orders: enriched });
    }

    // ── NOTIFICATIONS ────────────────────────
    const notifMatch = path.match(/^\/api\/notifications\/(.+)$/);
    if (notifMatch && method === 'GET') {
      const phone = decodeURIComponent(notifMatch[1]);
      const r = await ghRead(env, 'data/orders.json');
      const rejections = (r?.data || [])
        .filter(o => o.user_phone === phone && o.status === 'مرفوض' && !o.rejection_notified)
        .map(o => ({ id: o.id, total: o.total, date: o.date, rejection_reason: o.rejection_reason, rejected_at: o.rejected_at, status: o.status }));
      return json({ rejections });
    }

    const notifAckMatch = path.match(/^\/api\/notifications\/(.+)\/ack$/);
    if (notifAckMatch && method === 'POST') {
      const phone = decodeURIComponent(notifAckMatch[1]);
      const r = await ghRead(env, 'data/orders.json');
      const orders = (r?.data || []).map(o =>
        o.user_phone === phone && o.status === 'مرفوض' && !o.rejection_notified
          ? { ...o, rejection_notified: true } : o
      );
      await ghWrite(env, 'data/orders.json', orders, r?.sha);
      return json({ success: true });
    }

    // ── ADMIN: CATEGORIES ────────────────────
    if (path === '/api/admin/categories' && method === 'POST') {
      const { adminPhone, slug, name, image } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      if (!slug || !name || !image) return json({ error: 'missing_fields' }, 400);
      const slugClean = slug.trim().toLowerCase().replace(/\s+/g, '-');
      const r = await ghRead(env, 'data/categories.json');
      const cats = r?.data || [];
      if (cats.find(c => c.id === slugClean)) return json({ error: 'slug_exists' }, 409);
      const newCat = { id: slugClean, name: name.trim(), image: image.trim() };
      cats.push(newCat);
      await ghWrite(env, 'data/categories.json', cats, r?.sha);
      // ↓ Send full updated array in SSE — zero extra fetch needed on clients
      await broadcast(env, { type: 'categories_updated', data: cats });
      return json({ success: true, category: newCat });
    }

    const adminCatMatch = path.match(/^\/api\/admin\/categories\/(.+)$/);
    if (adminCatMatch && method === 'PUT') {
      const slug = adminCatMatch[1];
      const { adminPhone, name, image } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/categories.json');
      let cats = r?.data || [];
      const idx = cats.findIndex(c => c.id === slug);
      if (idx === -1) return json({ error: 'not_found' }, 404);
      cats[idx] = { ...cats[idx], name: name.trim(), image: image.trim() };
      await ghWrite(env, 'data/categories.json', cats, r?.sha);
      await broadcast(env, { type: 'categories_updated', data: cats });
      return json({ success: true, category: cats[idx] });
    }

    if (adminCatMatch && method === 'DELETE') {
      const slug = adminCatMatch[1];
      const { adminPhone } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/categories.json');
      const cats = (r?.data || []).filter(c => c.id !== slug);
      await ghWrite(env, 'data/categories.json', cats, r?.sha);
      await broadcast(env, { type: 'categories_updated', data: cats });
      return json({ success: true });
    }

    // ── ADMIN: PRODUCTS ──────────────────────
    if (path === '/api/admin/products' && method === 'POST') {
      const { adminPhone, name, price, oldPrice, image, category, rating, reviews, badge, description } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      if (!name || !price || !image || !category || !description) return json({ error: 'missing_fields' }, 400);
      const r = await ghRead(env, 'data/products.json');
      const products = r?.data || [];
      const newId = products.length ? Math.max(...products.map(p => p.id)) + 1 : 1;
      const newProd = { id: newId, name: name.trim(), price, oldPrice: oldPrice || null, image: image.trim(), category: category.trim(), rating: rating || 4.5, reviews: reviews || 0, badge: badge?.trim() || null, description: description.trim() };
      products.push(newProd);
      await ghWrite(env, 'data/products.json', products, r?.sha);
      // ↓ Full array in SSE event — clients update instantly, zero extra requests
      await broadcast(env, { type: 'products_updated', data: products });
      return json({ success: true, product: newProd });
    }

    const adminProdMatch = path.match(/^\/api\/admin\/products\/(\d+)$/);
    if (adminProdMatch && method === 'PUT') {
      const id = parseInt(adminProdMatch[1]);
      const { adminPhone, name, price, oldPrice, image, category, rating, reviews, badge, description } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/products.json');
      let products = r?.data || [];
      const idx = products.findIndex(p => p.id === id);
      if (idx === -1) return json({ error: 'not_found' }, 404);
      products[idx] = { ...products[idx], name: name.trim(), price, oldPrice: oldPrice || null, image: image.trim(), category: category.trim(), rating: rating || 4.5, reviews: reviews || 0, badge: badge?.trim() || null, description: description.trim() };
      await ghWrite(env, 'data/products.json', products, r?.sha);
      await broadcast(env, { type: 'products_updated', data: products });
      return json({ success: true, product: products[idx] });
    }

    if (adminProdMatch && method === 'DELETE') {
      const id = parseInt(adminProdMatch[1]);
      const { adminPhone } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/products.json');
      const products = (r?.data || []).filter(p => p.id !== id);
      await ghWrite(env, 'data/products.json', products, r?.sha);
      await broadcast(env, { type: 'products_updated', data: products });
      return json({ success: true });
    }

    // ── ADMIN: ADS ───────────────────────────
    if (path === '/api/admin/ads' && method === 'POST') {
      const { adminPhone, title, subtitle, image, gradient } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      if (!image) return json({ error: 'missing_fields' }, 400);
      const r = await ghRead(env, 'data/ads.json');
      const ads = r?.data || [];
      const newId = ads.length ? Math.max(...ads.map(a => a.id)) + 1 : 1;
      const newAd = { id: newId, title: title || '', subtitle: subtitle || '', image: image.trim(), gradient: gradient || 'from-blue-600/85 to-background' };
      ads.push(newAd);
      await ghWrite(env, 'data/ads.json', ads, r?.sha);
      await broadcast(env, { type: 'ads_updated', data: ads });
      return json({ success: true, ad: newAd });
    }

    const adminAdMatch = path.match(/^\/api\/admin\/ads\/(\d+)$/);
    if (adminAdMatch && method === 'PUT') {
      const id = parseInt(adminAdMatch[1]);
      const { adminPhone, title, subtitle, image, gradient } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/ads.json');
      let ads = r?.data || [];
      const idx = ads.findIndex(a => a.id === id);
      if (idx === -1) return json({ error: 'not_found' }, 404);
      ads[idx] = { ...ads[idx], title: title || '', subtitle: subtitle || '', image: image.trim(), gradient: gradient || 'from-blue-600/85 to-background' };
      await ghWrite(env, 'data/ads.json', ads, r?.sha);
      await broadcast(env, { type: 'ads_updated', data: ads });
      return json({ success: true, ad: ads[idx] });
    }

    if (adminAdMatch && method === 'DELETE') {
      const id = parseInt(adminAdMatch[1]);
      const { adminPhone } = await request.json();
      if (adminPhone !== '911') return json({ error: 'forbidden' }, 403);
      const r = await ghRead(env, 'data/ads.json');
      const ads = (r?.data || []).filter(a => a.id !== id);
      await ghWrite(env, 'data/ads.json', ads, r?.sha);
      await broadcast(env, { type: 'ads_updated', data: ads });
      return json({ success: true });
    }

    // ── SERVE HTML ────────────────────────────
    if (method === 'GET') {
      // Load everything at once and embed in HTML
      const [pr, cr, ar] = await Promise.all([
        ghRead(env, 'data/products.json'),
        ghRead(env, 'data/categories.json'),
        ghRead(env, 'data/ads.json'),
      ]);
      const initialData = {
        products:   pr?.data || [],
        categories: cr?.data || [],
        ads:        ar?.data || [],
      };
      return new Response(buildHTML(initialData), {
        headers: { 'Content-Type': 'text/html;charset=utf-8', 'Cache-Control': 'no-store' },
      });
    }

    return new Response('not found', { status: 404 });
  },
};

// ─────────────────────────────────────────────
//  HTML BUILDER — Complete Vanilla JS SPA
// ─────────────────────────────────────────────
function buildHTML(initialData) {
  const dataScript = `<script>window.__D=${JSON.stringify(initialData)}<\/script>`;
  return `<!DOCTYPE html>
<html lang="ar" dir="rtl">
<head>
<meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1"/>
<title>تيك زون - متجر الإلكترونيات</title>
<link rel="preconnect" href="https://fonts.googleapis.com"/>
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin/>
<link href="https://fonts.googleapis.com/css2?family=Cairo:wght@400;500;600;700;800&family=Tajawal:wght@400;500;700&display=swap" rel="stylesheet"/>
<link rel="stylesheet" href="https://unpkg.com/swiper@11/swiper-bundle.min.css"/>
<script src="https://unpkg.com/swiper@11/swiper-bundle.min.js" defer></script>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
${dataScript}
<style>
*,*::before,*::after{box-sizing:border-box;border:0;margin:0;padding:0}
:root{
  --bg:hsl(240,10%,4%);
  --fg:hsl(0,0%,98%);
  --card:hsl(240,10%,7%);
  --primary:hsl(217,91%,60%);
  --primary-fg:hsl(0,0%,100%);
  --secondary:hsl(240,10%,12%);
  --muted:hsl(240,10%,12%);
  --muted-fg:hsl(240,5%,65%);
  --accent:hsl(199,89%,48%);
  --accent-fg:hsl(0,0%,100%);
  --destructive:hsl(0,84%,60%);
  --destructive-fg:hsl(0,0%,98%);
  --border:hsl(240,10%,15%);
  --amber:hsl(38,92%,50%);
  --green:hsl(142,71%,45%);
  --radius:1rem;
}
body{font-family:'Tajawal',sans-serif;background:var(--bg);color:var(--fg);overflow-x:hidden;min-height:100vh;-webkit-font-smoothing:antialiased}
h1,h2,h3,h4,h5,h6{font-family:'Cairo',sans-serif;font-weight:700;letter-spacing:-0.02em}
img{max-width:100%;height:auto;display:block}
button{cursor:pointer;font-family:inherit;font-size:inherit}
input,textarea,select{font-family:inherit;font-size:inherit;background:transparent;outline:none}
a{text-decoration:none;color:inherit}
::-webkit-scrollbar{width:6px;height:6px}
::-webkit-scrollbar-track{background:transparent}
::-webkit-scrollbar-thumb{background:var(--muted-fg);border-radius:10px}

/* Layout */
.app{display:flex;flex-direction:column;min-height:100vh}
.container{width:100%;max-width:1280px;margin:0 auto;padding:0 1rem}
@media(min-width:640px){.container{padding:0 1.5rem}}

/* Glassmorphism */
.glass{background:rgba(9,9,20,0.85);backdrop-filter:blur(16px);-webkit-backdrop-filter:blur(16px);border-bottom:1px solid var(--border);box-shadow:0 1px 3px rgba(0,0,0,.4)}

/* TopBar */
#topbar{position:sticky;top:0;z-index:40;width:100%}
.topbar-inner{display:flex;align-items:center;justify-content:space-between;height:64px}
.logo{display:flex;align-items:center;gap:.5rem;cursor:pointer}
.logo-icon{display:flex;align-items:center;justify-content:center;width:32px;height:32px;border-radius:.5rem;background:linear-gradient(135deg,var(--primary),var(--accent));box-shadow:0 4px 12px rgba(59,130,246,.35);transition:transform .2s}
.logo:hover .logo-icon{transform:scale(1.05)}
.logo-text{font-family:'Cairo',sans-serif;font-size:1.25rem;font-weight:700;letter-spacing:-0.02em}
.logo-text span{color:var(--primary)}
.cart-btn{position:relative;display:flex;align-items:center;justify-content:center;width:40px;height:40px;border-radius:50%;background:var(--secondary);transition:background .2s;border:1px solid var(--border)}
.cart-btn:hover{background:color-mix(in srgb,var(--secondary) 80%,white)}
.cart-badge{position:absolute;top:-4px;right:-4px;min-width:20px;height:20px;border-radius:50%;background:var(--destructive);color:#fff;font-size:10px;font-weight:700;display:flex;align-items:center;justify-content:center;box-shadow:0 0 0 2px var(--bg);animation:pop .2s ease}
@keyframes pop{from{transform:scale(0)}to{transform:scale(1)}}

/* Bottom Nav */
#bottom-nav{position:fixed;bottom:0;left:0;right:0;z-index:40}
#bottom-nav .glass{border-bottom:none;border-top:1px solid var(--border)}
.bnav-inner{display:flex;align-items:center;justify-content:space-around;height:64px;padding:0 .5rem}
.bnav-item{position:relative;flex:1;display:flex;flex-direction:column;align-items:center;justify-content:center;gap:.25rem;padding:.5rem;color:var(--muted-fg);transition:color .2s;border-radius:.75rem;font-size:10px;font-weight:500}
.bnav-item.active{color:var(--primary)}
.bnav-item .active-bg{position:absolute;inset:0;border-radius:.75rem;background:color-mix(in srgb,var(--primary) 10%,transparent)}
.bnav-item svg{width:24px;height:24px;position:relative;z-index:1}
.bnav-item span{position:relative;z-index:1}

/* Main */
#main{flex:1;padding-bottom:80px;padding-top:1rem}

/* Cards */
.prod-grid{display:grid;grid-template-columns:repeat(2,1fr);gap:.75rem}
@media(min-width:768px){.prod-grid{grid-template-columns:repeat(3,1fr)}}
@media(min-width:1024px){.prod-grid{grid-template-columns:repeat(4,1fr)}}

.prod-card{background:var(--card);border:1px solid var(--border);border-radius:var(--radius);overflow:hidden;cursor:pointer;transition:box-shadow .3s,border-color .3s,transform .2s;display:flex;flex-direction:column}
.prod-card:hover{box-shadow:0 10px 30px rgba(59,130,246,.1);border-color:rgba(59,130,246,.3);transform:translateY(-1px)}
.prod-card.out-of-stock{cursor:default}
.prod-card.out-of-stock:hover{transform:none;box-shadow:none}
.prod-img-wrap{position:relative;aspect-ratio:1;background:rgba(255,255,255,.04);padding:.75rem;overflow:hidden}
.prod-img-wrap img{width:100%;height:100%;object-fit:contain;transition:transform .4s}
.prod-card:hover .prod-img-wrap img{transform:scale(1.08)}
.prod-badge{position:absolute;top:8px;right:8px;z-index:2;padding:2px 8px;border-radius:999px;font-size:10px;font-weight:700;backdrop-filter:blur(6px)}
.prod-badge.discount{background:rgba(239,68,68,.1);color:var(--destructive);border:1px solid rgba(239,68,68,.2)}
.prod-badge.primary{background:rgba(59,130,246,.1);color:var(--primary);border:1px solid rgba(59,130,246,.2)}
.prod-badge.oos{background:rgba(239,68,68,.9);color:#fff}
.prod-overlay{position:absolute;inset:0;background:rgba(59,130,246,.07);opacity:0;transition:opacity .3s;display:flex;align-items:center;justify-content:center}
.prod-card:hover .prod-overlay{opacity:1}
.prod-overlay-icon{background:rgba(59,130,246,.9);color:#fff;border-radius:50%;padding:.5rem;transform:scale(.75);transition:transform .3s}
.prod-card:hover .prod-overlay-icon{transform:scale(1)}
.prod-body{display:flex;flex-direction:column;flex:1;padding:.75rem}
.prod-rating{display:flex;align-items:center;gap:.25rem;font-size:.75rem;color:#f59e0b;margin-bottom:.375rem}
.prod-rating span{color:var(--muted-fg)}
.prod-name{font-family:'Cairo',sans-serif;font-weight:600;font-size:.8125rem;color:var(--fg);line-height:1.35;margin-bottom:.75rem;display:-webkit-box;-webkit-line-clamp:2;-webkit-box-orient:vertical;overflow:hidden}
.prod-price-old{font-size:.75rem;color:var(--muted-fg);text-decoration:line-through}
.prod-price{font-family:'Cairo',sans-serif;font-weight:700;color:var(--primary);font-size:.9375rem}
.prod-add-btn{margin-top:.5rem;width:100%;padding:.5rem;border-radius:.5rem;background:var(--primary);color:#fff;font-weight:700;font-size:.8125rem;transition:background .2s}
.prod-add-btn:hover{background:color-mix(in srgb,var(--primary) 85%,black)}
.prod-add-btn.oos-btn{background:var(--secondary);color:var(--muted-fg);cursor:default}

/* Category Grid */
.cat-grid{display:grid;grid-template-columns:repeat(2,1fr);gap:1rem}
@media(min-width:640px){.cat-grid{grid-template-columns:repeat(3,1fr)}}
@media(min-width:768px){.cat-grid{grid-template-columns:repeat(4,1fr)}}
.cat-card{background:var(--card);border:1px solid var(--border);border-radius:var(--radius);overflow:hidden;cursor:pointer;transition:border-color .2s,transform .2s;position:relative}
.cat-card:hover{border-color:rgba(59,130,246,.5);transform:scale(1.02)}
.cat-img-wrap{position:relative;height:128px;overflow:hidden}
@media(min-width:640px){.cat-img-wrap{height:144px}}
.cat-img-wrap img{width:100%;height:100%;object-fit:cover;transition:transform .4s}
.cat-card:hover .cat-img-wrap img{transform:scale(1.1)}
.cat-img-wrap::after{content:'';position:absolute;inset:0;background:linear-gradient(to top,rgba(0,0,0,.6),transparent)}
.cat-count{position:absolute;bottom:8px;right:12px;font-size:.75rem;font-weight:600;color:#fff;background:rgba(0,0,0,.3);backdrop-filter:blur(4px);padding:2px 8px;border-radius:999px;z-index:1}
.cat-name-wrap{padding:.75rem}
.cat-name{font-family:'Cairo',sans-serif;font-weight:700;font-size:.875rem;transition:color .2s}
.cat-card:hover .cat-name{color:var(--primary)}

/* Small cat grid on home */
.mini-cat-grid{display:grid;grid-template-columns:repeat(4,1fr);gap:.5rem}
@media(min-width:640px){.mini-cat-grid{gap:.75rem}}
.mini-cat-item{display:flex;flex-direction:column;align-items:center;gap:.5rem;cursor:pointer}
.mini-cat-img{position:relative;width:100%;aspect-ratio:1;border-radius:1rem;overflow:hidden;border:1px solid var(--border);box-shadow:0 1px 4px rgba(0,0,0,.2);transition:box-shadow .3s,border-color .3s}
.mini-cat-item:hover .mini-cat-img{box-shadow:0 4px 16px rgba(59,130,246,.25);border-color:rgba(59,130,246,.4)}
.mini-cat-img img{width:100%;height:100%;object-fit:cover;transition:transform .4s}
.mini-cat-item:hover .mini-cat-img img{transform:scale(1.1)}
.mini-cat-img::after{content:'';position:absolute;inset:0;background:linear-gradient(to top,rgba(0,0,0,.6),transparent)}
.mini-cat-label{font-size:.75rem;font-weight:600;text-align:center;line-height:1.2}
@media(min-width:640px){.mini-cat-label{font-size:.875rem}}

/* Carousel */
.carousel-wrap{border-radius:1.25rem;overflow:hidden;position:relative}
.carousel-slide{position:relative;border-radius:1.25rem;overflow:hidden}
.carousel-slide img{width:100%;height:240px;object-fit:cover}
@media(min-width:640px){.carousel-slide img{height:300px}}
@media(min-width:1024px){.carousel-slide img{height:360px}}
.carousel-overlay{position:absolute;inset:0;display:flex;flex-direction:column;justify-content:flex-end;padding:2rem;background:linear-gradient(to top,rgba(0,0,0,.7) 0%,transparent 60%)}
.carousel-title{font-family:'Cairo',sans-serif;font-size:1.5rem;font-weight:800;color:#fff;line-height:1.2;text-shadow:0 2px 8px rgba(0,0,0,.5)}
@media(min-width:640px){.carousel-title{font-size:2rem}}
.carousel-sub{font-size:.9375rem;color:rgba(255,255,255,.85);margin-top:.5rem;text-shadow:0 1px 4px rgba(0,0,0,.4)}
.carousel-admin-btns{position:absolute;top:.75rem;left:.75rem;display:flex;gap:.5rem;z-index:5}
.carousel-dots{display:flex;gap:.375rem;justify-content:center;margin-top:.75rem}
.carousel-dot{width:8px;height:8px;border-radius:50%;background:var(--border);transition:background .3s,transform .3s;border:none;cursor:pointer;padding:0}
.carousel-dot.active{background:var(--primary);transform:scale(1.25)}

/* Sections */
.section{padding:2.5rem 0 1rem}
.section-header{display:flex;align-items:center;justify-content:space-between;margin-bottom:1.25rem}
.section-title{font-family:'Cairo',sans-serif;font-size:1.25rem;font-weight:700}
.section-link{font-size:.875rem;font-weight:500;color:var(--primary);display:flex;align-items:center;gap:.25rem}
.section-link:hover{text-decoration:underline}
.deals-header{display:flex;align-items:center;gap:.5rem;margin-bottom:1.25rem}
.deals-icon{border-radius:.5rem;background:rgba(239,68,68,.1);padding:.375rem;color:var(--destructive)}

/* Cart Drawer */
#cart-overlay{position:fixed;inset:0;z-index:50;background:rgba(0,0,0,.6);backdrop-filter:blur(4px);opacity:0;transition:opacity .3s;pointer-events:none}
#cart-overlay.open{opacity:1;pointer-events:all}
#cart-drawer{position:fixed;top:0;bottom:0;left:0;z-index:51;width:100%;max-width:420px;background:var(--card);border-right:1px solid var(--border);box-shadow:4px 0 32px rgba(0,0,0,.5);display:flex;flex-direction:column;transform:translateX(-100%);transition:transform .35s cubic-bezier(.4,0,.2,1)}
#cart-drawer.open{transform:translateX(0)}
.drawer-head{display:flex;align-items:center;justify-content:space-between;padding:1rem;border-bottom:1px solid var(--border);flex-shrink:0}
.drawer-head-left{display:flex;align-items:center;gap:.75rem}
.drawer-icon{display:flex;align-items:center;justify-content:center;width:40px;height:40px;border-radius:50%;background:rgba(59,130,246,.1);color:var(--primary)}
.drawer-title{font-family:'Cairo',sans-serif;font-size:1.125rem;font-weight:700}
.drawer-subtitle{font-size:.75rem;color:var(--muted-fg)}
.drawer-close{display:flex;align-items:center;justify-content:center;width:36px;height:36px;border-radius:50%;background:var(--secondary);color:var(--muted-fg);transition:background .2s}
.drawer-close:hover{background:var(--muted)}
.drawer-body{flex:1;overflow-y:auto;padding:1rem}
.cart-item{display:flex;align-items:center;gap:.75rem;padding:.875rem;background:var(--secondary);border-radius:.75rem;margin-bottom:.75rem}
.cart-item-img{width:56px;height:56px;border-radius:.5rem;object-fit:contain;background:rgba(255,255,255,.04);flex-shrink:0}
.cart-item-info{flex:1;min-width:0}
.cart-item-name{font-size:.875rem;font-weight:600;margin-bottom:.25rem;overflow:hidden;display:-webkit-box;-webkit-line-clamp:2;-webkit-box-orient:vertical}
.cart-item-price{font-size:.8125rem;color:var(--primary);font-weight:700}
.cart-item-controls{display:flex;align-items:center;gap:.5rem;flex-shrink:0}
.qty-btn{width:28px;height:28px;border-radius:.375rem;background:var(--muted);color:var(--fg);display:flex;align-items:center;justify-content:center;transition:background .2s}
.qty-btn:hover{background:rgba(59,130,246,.2);color:var(--primary)}
.qty-num{width:28px;text-align:center;font-weight:700;font-size:.875rem}
.rm-btn{width:28px;height:28px;border-radius:.375rem;background:rgba(239,68,68,.1);color:var(--destructive);display:flex;align-items:center;justify-content:center;transition:background .2s;margin-right:.25rem}
.rm-btn:hover{background:rgba(239,68,68,.2)}
.drawer-foot{border-top:1px solid var(--border);padding:1rem;flex-shrink:0}
.price-row{display:flex;justify-content:space-between;font-size:.875rem;color:var(--muted-fg);margin-bottom:.5rem}
.price-row.total{font-size:1rem;font-weight:700;color:var(--fg);border-top:1px solid var(--border);padding-top:.5rem;margin-top:.5rem}
.btn-primary{width:100%;padding:.875rem;border-radius:.75rem;background:var(--primary);color:#fff;font-weight:700;font-size:1rem;transition:background .2s,transform .1s;box-shadow:0 4px 12px rgba(59,130,246,.3)}
.btn-primary:hover{background:color-mix(in srgb,var(--primary) 85%,black)}
.btn-primary:active{transform:scale(.98)}
.btn-primary:disabled{opacity:.5;cursor:not-allowed}
.btn-secondary{width:100%;padding:.875rem;border-radius:.75rem;background:var(--secondary);color:var(--fg);font-weight:700;font-size:1rem;border:1px solid var(--border);transition:background .2s}
.btn-secondary:hover{background:var(--muted)}
.btn-outline{padding:.75rem 1rem;border-radius:.75rem;border:1px solid var(--border);color:var(--muted-fg);font-weight:700;font-size:.875rem;transition:background .2s}
.btn-outline:hover{background:var(--secondary)}
.empty-cart{display:flex;flex-direction:column;align-items:center;justify-content:center;flex:1;gap:1rem;padding:2rem;text-align:center;color:var(--muted-fg)}
.empty-cart svg{opacity:.3}

/* Checkout */
.field-label{font-size:.875rem;font-weight:600;display:flex;align-items:center;gap:.5rem;margin-bottom:.5rem}
.field-label svg{color:var(--primary)}
.field-input{width:100%;background:rgba(255,255,255,.04);border:1px solid var(--border);border-radius:.75rem;padding:.75rem 1rem;font-size:.875rem;color:var(--fg);transition:border-color .2s,box-shadow .2s}
.field-input:focus{border-color:var(--primary);box-shadow:0 0 0 3px rgba(59,130,246,.15)}
.field-input.error{border-color:var(--destructive)}
.field-error{font-size:.75rem;color:var(--destructive);margin-top:.25rem}
textarea.field-input{resize:none}

/* Success */
.success-wrap{display:flex;flex-direction:column;align-items:center;justify-content:center;flex:1;padding:2rem;text-align:center;gap:1rem}
.success-icon{width:96px;height:96px;border-radius:50%;background:rgba(34,197,94,.1);display:flex;align-items:center;justify-content:center}

/* Product Modal */
#prod-modal-overlay{position:fixed;inset:0;z-index:60;background:rgba(0,0,0,.7);backdrop-filter:blur(4px);opacity:0;pointer-events:none;transition:opacity .3s}
#prod-modal-overlay.open{opacity:1;pointer-events:all}
#prod-modal{position:fixed;bottom:0;left:0;right:0;z-index:61;max-height:92vh;background:var(--card);border-radius:1.5rem 1.5rem 0 0;border:1px solid var(--border);box-shadow:0 -8px 32px rgba(0,0,0,.5);display:flex;flex-direction:column;transform:translateY(100%);transition:transform .35s cubic-bezier(.4,0,.2,1)}
#prod-modal.open{transform:translateY(0)}
@media(min-width:640px){#prod-modal{max-width:520px;left:50%;right:auto;bottom:0;border-radius:1.5rem;transform:translate(-50%,100%)}#prod-modal.open{transform:translate(-50%,0) translateY(-5vh)}}
.modal-scroll{overflow-y:auto;flex:1}
.modal-header{display:flex;align-items:center;justify-content:space-between;padding:1rem;border-bottom:1px solid var(--border);flex-shrink:0}
.modal-title{font-family:'Cairo',sans-serif;font-size:1.125rem;font-weight:700}
.modal-img{width:100%;height:220px;object-fit:contain;background:rgba(255,255,255,.04);padding:1rem}
.modal-body{padding:1rem}
.modal-badges{display:flex;gap:.5rem;flex-wrap:wrap;margin-bottom:.75rem}
.badge{padding:.25rem .75rem;border-radius:999px;font-size:.75rem;font-weight:700}
.badge-primary{background:rgba(59,130,246,.1);color:var(--primary);border:1px solid rgba(59,130,246,.2)}
.badge-amber{background:rgba(245,158,11,.1);color:var(--amber);border:1px solid rgba(245,158,11,.2)}
.badge-destructive{background:rgba(239,68,68,.1);color:var(--destructive);border:1px solid rgba(239,68,68,.2)}
.modal-prod-name{font-family:'Cairo',sans-serif;font-size:1.25rem;font-weight:800;margin-bottom:.75rem;line-height:1.3}
.modal-rating{display:flex;align-items:center;gap:.5rem;font-size:.875rem;margin-bottom.75rem;color:#f59e0b}
.modal-desc{font-size:.875rem;line-height:1.75;color:var(--muted-fg);margin-bottom:1rem}
.modal-price-box{display:flex;justify-content:space-between;align-items:center;background:rgba(59,130,246,.05);border:1px solid rgba(59,130,246,.15);border-radius:.75rem;padding:.75rem 1rem;margin-bottom:1rem}
.modal-price-main{font-family:'Cairo',sans-serif;font-weight:800;font-size:1.375rem;color:var(--primary)}
.modal-price-old{font-size:.875rem;color:var(--muted-fg);text-decoration:line-through}
.qty-row{display:flex;align-items:center;justify-content:space-between;background:var(--secondary);border-radius:.75rem;padding:.75rem 1rem;margin-bottom:.75rem}
.qty-controls{display:flex;align-items:center;gap:.75rem}
.qty-btn-lg{width:36px;height:36px;border-radius:.5rem;background:var(--muted);display:flex;align-items:center;justify-content:center;transition:background .2s}
.qty-btn-lg:hover{background:rgba(59,130,246,.2);color:var(--primary)}
.qty-total-box{display:flex;justify-content:space-between;align-items:center;background:rgba(59,130,246,.05);border:1px solid rgba(59,130,246,.15);border-radius:.75rem;padding:.75rem 1rem;margin-bottom:1rem}
.modal-foot{border-top:1px solid var(--border);padding:1rem 1rem 2rem;flex-shrink:0}
.alert-box{display:flex;align-items:center;gap:.5rem;border-radius:.75rem;padding:.625rem .75rem;font-size:.875rem;margin-bottom:.75rem}
.alert-warn{background:rgba(245,158,11,.1);border:1px solid rgba(245,158,11,.2);color:var(--amber)}
.alert-err{background:rgba(239,68,68,.1);border:1px solid rgba(239,68,68,.2);color:var(--destructive)}

/* Auth / Account */
.page-wrap{padding:1.5rem 1rem 6rem;max-width:480px;margin:0 auto}
.auth-card{background:var(--card);border:1px solid var(--border);border-radius:1.5rem;padding:1.5rem}
.auth-icon-wrap{display:flex;align-items:center;justify-content:center;width:56px;height:56px;border-radius:1rem;background:rgba(59,130,246,.1);margin:0 auto 1rem}
.form-group{margin-bottom:1rem}
.input-wrap{position:relative}
.input-icon{position:absolute;top:50%;left:12px;transform:translateY(-50%);color:var(--muted-fg);pointer-events:none}
.input-with-icon{padding-left:2.5rem!important}
.toggle-pw{position:absolute;top:50%;right:12px;transform:translateY(-50%);color:var(--muted-fg);cursor:pointer}

/* Admin panel */
.user-card{background:var(--card);border:1px solid var(--border);border-radius:1.25rem;padding:1.25rem;margin-bottom:1.25rem}
.user-avatar{width:56px;height:56px;border-radius:50%;background:linear-gradient(135deg,var(--primary),var(--accent));display:flex;align-items:center;justify-content:center;font-family:'Cairo',sans-serif;font-weight:800;font-size:1.25rem;color:#fff}
.menu-item{display:flex;align-items:center;justify-content:space-between;padding:.875rem 1rem;border-radius:.75rem;background:var(--secondary);cursor:pointer;transition:background .2s;margin-bottom:.5rem}
.menu-item:hover{background:var(--muted)}
.menu-item-left{display:flex;align-items:center;gap:.75rem}
.menu-item-icon{display:flex;align-items:center;justify-content:center;width:36px;height:36px;border-radius:.75rem;background:rgba(59,130,246,.1);color:var(--primary)}
.status-badge{display:inline-flex;align-items:center;gap:.25rem;padding:.25rem .75rem;border-radius:999px;font-size:.75rem;font-weight:700}
.status-delivered{background:rgba(34,197,94,.1);color:var(--green);border:1px solid rgba(34,197,94,.2)}
.status-pending{background:rgba(245,158,11,.1);color:var(--amber);border:1px solid rgba(245,158,11,.2)}
.status-rejected{background:rgba(239,68,68,.1);color:var(--destructive);border:1px solid rgba(239,68,68,.2)}
.order-card{background:var(--secondary);border-radius:.75rem;padding:.875rem;margin-bottom:.75rem;cursor:pointer;transition:background .2s}
.order-card:hover{background:var(--muted)}
.notif-banner{background:rgba(245,158,11,.1);border:1px solid rgba(245,158,11,.2);border-radius:.75rem;padding:.875rem;margin-bottom:1rem}
.notif-item{background:rgba(239,68,68,.07);border:1px solid rgba(239,68,68,.15);border-radius:.75rem;padding:.75rem;margin-bottom:.5rem}

/* Admin Modals */
.modal-overlay{position:fixed;inset:0;z-index:70;background:rgba(0,0,0,.75);backdrop-filter:blur(4px);display:flex;align-items:flex-end;justify-content:center}
@media(min-width:640px){.modal-overlay{align-items:center}}
.modal-box{width:100%;max-width:500px;max-height:90vh;background:var(--card);border:1px solid var(--border);border-radius:1.5rem 1.5rem 0 0;display:flex;flex-direction:column;overflow:hidden;box-shadow:0 -8px 40px rgba(0,0,0,.5)}
@media(min-width:640px){.modal-box{border-radius:1.5rem}}
.modal-head{display:flex;align-items:center;justify-content:space-between;padding:1rem;border-bottom:1px solid var(--border);flex-shrink:0}
.modal-body-scroll{overflow-y:auto;flex:1;padding:1rem}
.modal-foot-btns{display:flex;gap:.75rem;padding:1rem;border-top:1px solid var(--border);flex-shrink:0}
.save-btn{flex:1;padding:.875rem;border-radius:.75rem;background:hsl(38,92%,50%);color:#000;font-weight:700;font-size:.9375rem;transition:background .2s}
.save-btn:hover{background:hsl(38,92%,45%)}
.save-btn:disabled{opacity:.6;cursor:not-allowed}
.cancel-btn{padding:.875rem 1.25rem;border-radius:.75rem;border:1px solid var(--border);color:var(--muted-fg);font-weight:700;transition:background .2s}
.cancel-btn:hover{background:var(--secondary)}
.field-group{margin-bottom:1rem}
.field-group label{display:block;font-size:.875rem;font-weight:500;margin-bottom:.375rem}
.field-group input,.field-group textarea,.field-group select{width:100%;background:rgba(255,255,255,.04);border:1px solid var(--border);border-radius:.75rem;padding:.75rem 1rem;color:var(--fg);transition:border-color .2s}
.field-group input:focus,.field-group textarea:focus,.field-group select:focus{border-color:hsl(38,92%,50%);box-shadow:0 0 0 3px rgba(245,158,11,.15)}
.field-group select option{background:var(--card)}
.upload-box{width:100%;border:2px dashed var(--border);border-radius:1rem;display:flex;flex-direction:column;align-items:center;justify-content:center;gap:.75rem;padding:2rem;cursor:pointer;transition:border-color .2s,background .2s}
.upload-box:hover{border-color:hsl(38,92%,50%,0.6);background:rgba(245,158,11,.04)}
.upload-preview{position:relative;border-radius:1rem;overflow:hidden;border:1px solid var(--border);cursor:pointer}
.upload-preview img{width:100%;height:160px;object-fit:cover}
.upload-preview-hover{position:absolute;inset:0;background:rgba(0,0,0,.5);opacity:0;transition:opacity .2s;display:flex;align-items:center;justify-content:center;gap:.5rem;color:#fff;font-weight:700;font-size:.875rem}
.upload-preview:hover .upload-preview-hover{opacity:1}
.img-uploading{position:absolute;inset:0;background:rgba(0,0,0,.6);display:flex;align-items:center;justify-content:center}
.spinner{width:24px;height:24px;border:2px solid rgba(255,255,255,.2);border-top-color:hsl(38,92%,50%);border-radius:50%;animation:spin .7s linear infinite}
@keyframes spin{to{transform:rotate(360deg)}}
.dot-menu{position:relative}
.dot-btn{width:32px;height:32px;border-radius:.5rem;background:rgba(0,0,0,.5);backdrop-filter:blur(4px);display:flex;align-items:center;justify-content:center;color:#fff;transition:background .2s}
.dot-btn:hover{background:rgba(0,0,0,.7)}
.dot-dropdown{position:absolute;top:calc(100% + .25rem);left:0;background:var(--card);border:1px solid var(--border);border-radius:.75rem;box-shadow:0 8px 24px rgba(0,0,0,.4);min-width:140px;overflow:hidden;z-index:10;animation:fadeUp .15s ease}
@keyframes fadeUp{from{opacity:0;transform:translateY(-4px)}to{opacity:1;transform:translateY(0)}}
.dot-option{display:flex;align-items:center;gap:.5rem;padding:.625rem 1rem;font-size:.875rem;font-weight:500;transition:background .2s;width:100%;text-align:right}
.dot-option:hover{background:var(--secondary)}
.dot-option.danger{color:var(--destructive)}
.dot-option.danger:hover{background:rgba(239,68,68,.1)}

/* Captcha Modal */
#captcha-overlay{position:fixed;inset:0;z-index:80;background:rgba(0,0,0,.8);backdrop-filter:blur(6px);display:flex;align-items:center;justify-content:center;padding:1rem}
.captcha-box{background:var(--card);border:1px solid var(--border);border-radius:1.5rem;padding:1.5rem 2rem;width:100%;max-width:380px;text-align:center;box-shadow:0 8px 40px rgba(0,0,0,.5)}

/* Suspicious Modal */
#suspicious-overlay{position:fixed;inset:0;z-index:80;background:rgba(0,0,0,.85);backdrop-filter:blur(8px);display:flex;align-items:center;justify-content:center;padding:1rem}
.susp-box{background:var(--card);border:1px solid var(--border);border-radius:1.5rem;padding:1.5rem;width:100%;max-width:380px;box-shadow:0 8px 40px rgba(0,0,0,.5)}

/* Loading Screen */
#loading-screen{position:fixed;inset:0;z-index:100;background:var(--bg);display:flex;flex-direction:column;align-items:center;justify-content:center;transition:opacity .5s,transform .6s}
#loading-screen.hidden{opacity:0;pointer-events:none}
.loader-icon{width:96px;height:96px;border-radius:1.25rem;background:linear-gradient(135deg,var(--primary),var(--accent));display:flex;align-items:center;justify-content:center;box-shadow:0 0 40px rgba(59,130,246,.4);animation:pulse-glow 2s ease-in-out infinite}
@keyframes pulse-glow{0%,100%{box-shadow:0 0 0 rgba(59,130,246,.4)}50%{box-shadow:0 0 40px rgba(59,130,246,.4)}}
.loader-bar-wrap{height:8px;width:280px;background:var(--secondary);border-radius:999px;overflow:hidden;margin-top:2rem}
.loader-bar{height:100%;background:linear-gradient(to right,var(--primary),var(--accent));border-radius:999px;width:0%;transition:width .3s ease}
.loader-info{display:flex;justify-content:space-between;width:280px;margin-top:.75rem;font-size:.875rem;font-weight:500;color:var(--muted-fg)}

/* Search bar */
.search-wrap{position:relative;margin-bottom:1.25rem}
.search-wrap input{width:100%;background:var(--secondary);border:1px solid var(--border);border-radius:.75rem;padding:.75rem 3rem;color:var(--fg)}
.search-wrap input:focus{border-color:var(--primary)}
.search-icon{position:absolute;top:50%;right:1rem;transform:translateY(-50%);color:var(--muted-fg);pointer-events:none}
.search-clear{position:absolute;top:50%;left:1rem;transform:translateY(-50%);color:var(--muted-fg);cursor:pointer}
.search-results-info{font-size:.875rem;color:var(--muted-fg);margin-bottom:1rem}

/* Back button */
.back-btn{display:flex;align-items:center;gap:.5rem;color:var(--muted-fg);font-size:.9375rem;font-weight:600;padding:.5rem 0;margin-bottom:1rem;transition:color .2s}
.back-btn:hover{color:var(--fg)}

/* Gradient chips */
.gradient-options{display:flex;flex-wrap:wrap;gap:.5rem}
.gradient-chip{padding:.375rem .875rem;border-radius:999px;border:2px solid transparent;cursor:pointer;font-size:.8125rem;font-weight:600;transition:border-color .2s}
.gradient-chip.selected{border-color:hsl(38,92%,50%)}

/* Discount toggle */
.toggle-row{display:flex;align-items:center;justify-content:space-between;background:var(--secondary);border-radius:.75rem;padding:.75rem 1rem;cursor:pointer}
.toggle-switch{width:44px;height:24px;border-radius:999px;background:var(--muted);position:relative;transition:background .3s}
.toggle-switch.on{background:hsl(38,92%,50%)}
.toggle-thumb{width:18px;height:18px;border-radius:50%;background:#fff;position:absolute;top:3px;right:3px;transition:transform .3s}
.toggle-switch.on .toggle-thumb{transform:translateX(-20px)}

/* Utility */
.flex{display:flex}.items-center{align-items:center}.justify-between{justify-content:space-between}.gap-2{gap:.5rem}.gap-3{gap:.75rem}.mt-2{margin-top:.5rem}.mt-4{margin-top:1rem}.mb-2{margin-bottom:.5rem}.mb-4{margin-bottom:1rem}.text-sm{font-size:.875rem}.text-xs{font-size:.75rem}.font-bold{font-weight:700}.text-muted{color:var(--muted-fg)}.text-primary{color:var(--primary)}.text-destructive{color:var(--destructive)}.text-amber{color:var(--amber)}.text-green{color:var(--green)}.text-center{text-align:center}.w-full{width:100%}.rounded{border-radius:.5rem}.hidden{display:none!important}.relative{position:relative}.p-4{padding:1rem}.space-y-3>*+*{margin-top:.75rem}.space-y-4>*+*{margin-top:1rem}.admin-bar{display:flex;align-items:center;justify-content:space-between;background:rgba(245,158,11,.07);border:1px solid rgba(245,158,11,.2);border-radius:.75rem;padding:.625rem .875rem;margin-bottom:.75rem}.admin-bar-label{font-size:.75rem;color:var(--amber);font-weight:700}.add-btn-admin{display:flex;align-items:center;gap:.375rem;background:hsl(38,92%,50%);color:#000;font-size:.75rem;font-weight:700;padding:.375rem .75rem;border-radius:.75rem;transition:background .2s}.add-btn-admin:hover{background:hsl(38,92%,45%)}

/* Page transitions */
.page{animation:fadeIn .3s ease}
@keyframes fadeIn{from{opacity:0;transform:translateY(8px)}to{opacity:1;transform:translateY(0)}}

/* Add to cart anim */
@keyframes addedAnim{0%{transform:scale(1)}50%{transform:scale(1.12)}100%{transform:scale(1)}}
.added-anim{animation:addedAnim .25s ease}

/* Reject modal */
.reject-modal-overlay{position:fixed;inset:0;z-index:90;background:rgba(0,0,0,.8);backdrop-filter:blur(4px);display:flex;align-items:center;justify-content:center;padding:1rem}
.reject-modal{background:var(--card);border:1px solid var(--border);border-radius:1.5rem;padding:1.5rem;width:100%;max-width:400px}

/* Responsive desktop fix */
@media(min-width:768px){
  .bnav-inner{display:none}
  #bottom-nav{display:none}
  #main{padding-bottom:2rem}
  .desktop-nav{display:flex!important}
}
.desktop-nav{display:none;align-items:center;gap:1.5rem}
.desktop-nav a{font-size:.9375rem;font-weight:500;color:var(--muted-fg);transition:color .2s}
.desktop-nav a:hover,.desktop-nav a.active{color:var(--fg)}
</style>
</head>
<body>
<!-- Loading Screen -->
<div id="loading-screen">
  <div class="loader-icon">
    <svg width="48" height="48" viewBox="0 0 24 24" fill="white" xmlns="http://www.w3.org/2000/svg"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>
  </div>
  <h1 style="font-family:Cairo,sans-serif;font-size:2rem;font-weight:800;margin-top:3rem">تيك<span style="color:var(--primary)">زون</span></h1>
  <div class="loader-bar-wrap"><div class="loader-bar" id="loader-bar"></div></div>
  <div class="loader-info"><span>جاري التحميل...</span><span id="loader-pct">0%</span></div>
</div>

<!-- App Shell -->
<div class="app" id="app" style="display:none">
  <!-- TopBar -->
  <header id="topbar" class="glass">
    <div class="container topbar-inner">
      <div class="logo" onclick="navigate('home')">
        <div class="logo-icon">
          <svg width="16" height="16" viewBox="0 0 24 24" fill="white"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>
        </div>
        <span class="logo-text">تيك<span>زون</span></span>
      </div>
      <nav class="desktop-nav" id="desktop-nav">
        <a href="#" onclick="navigate('home');return false" id="dnav-home">الرئيسية</a>
        <a href="#" onclick="navigate('categories');return false" id="dnav-categories">الأقسام</a>
        <a href="#" onclick="navigate('account');return false" id="dnav-account">حسابي</a>
      </nav>
      <button class="cart-btn" onclick="openCart()" aria-label="عربة التسوق">
        <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="9" cy="21" r="1"/><circle cx="20" cy="21" r="1"/><path d="M1 1h4l2.68 13.39a2 2 0 0 0 2 1.61h9.72a2 2 0 0 0 2-1.61L23 6H6"/></svg>
        <span class="cart-badge" id="cart-badge" style="display:none">0</span>
      </button>
    </div>
  </header>

  <!-- Main Content -->
  <main class="container" id="main">
    <div id="page-home" class="page"></div>
    <div id="page-categories" class="page" style="display:none"></div>
    <div id="page-account" class="page" style="display:none"></div>
  </main>

  <!-- Bottom Nav -->
  <nav id="bottom-nav" class="glass">
    <div class="bnav-inner">
      <button class="bnav-item active" id="bnav-home" onclick="navigate('home')">
        <div class="active-bg" id="bnav-home-bg"></div>
        <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M3 9l9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"/><polyline points="9 22 9 12 15 12 15 22"/></svg>
        <span>الرئيسية</span>
      </button>
      <button class="bnav-item" id="bnav-categories" onclick="navigate('categories')">
        <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="3" y="3" width="7" height="7"/><rect x="14" y="3" width="7" height="7"/><rect x="14" y="14" width="7" height="7"/><rect x="3" y="14" width="7" height="7"/></svg>
        <span>الأقسام</span>
      </button>
      <button class="bnav-item" id="bnav-account" onclick="navigate('account')">
        <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"/><circle cx="12" cy="7" r="4"/></svg>
        <span>حسابي</span>
      </button>
    </div>
  </nav>
</div>

<!-- Cart Overlay & Drawer -->
<div id="cart-overlay" onclick="closeCart()"></div>
<div id="cart-drawer">
  <div class="drawer-head">
    <div class="drawer-head-left">
      <div class="drawer-icon">
        <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M6 2L3 6v14a2 2 0 002 2h14a2 2 0 002-2V6l-3-4z"/><line x1="3" y1="6" x2="21" y2="6"/><path d="M16 10a4 4 0 01-8 0"/></svg>
      </div>
      <div>
        <div class="drawer-title" id="drawer-title">سلة المشتريات</div>
        <div class="drawer-subtitle" id="drawer-subtitle"></div>
      </div>
    </div>
    <button class="drawer-close" onclick="closeCart()">
      <svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg>
    </button>
  </div>
  <div id="cart-content" class="drawer-body" style="flex:1;display:flex;flex-direction:column"></div>
</div>

<!-- Product Modal -->
<div id="prod-modal-overlay" onclick="closeProdModal()"></div>
<div id="prod-modal">
  <div class="modal-header" style="flex-shrink:0">
    <div class="modal-title" id="prod-modal-title">تفاصيل المنتج</div>
    <button class="drawer-close" onclick="closeProdModal()">
      <svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg>
    </button>
  </div>
  <div id="prod-modal-body" class="modal-scroll"></div>
  <div id="prod-modal-foot" class="modal-foot"></div>
</div>

<!-- Admin Modal Container -->
<div id="admin-modal-container"></div>

<!-- Captcha Modal Container -->
<div id="captcha-container"></div>

<!-- Suspicious Modal -->
<div id="suspicious-overlay" style="display:none">
  <div class="susp-box">
    <div id="susp-content"></div>
  </div>
</div>

<script>
// ═══════════════════════════════════════════════════════
//  STATE
// ═══════════════════════════════════════════════════════
const API = '';

const S = {
  products:   (window.__D||{}).products   || [],
  categories: (window.__D||{}).categories || [],
  ads:        (window.__D||{}).ads        || [],
  cart:       JSON.parse(localStorage.getItem('tz-cart')||'[]'),
  user:       JSON.parse(localStorage.getItem('tz-user')||'null'),
  orders:     JSON.parse(localStorage.getItem('tz-orders')||'[]'),
  hasSeenLoader: localStorage.getItem('tz-seen-loader') === '1',
  selectedProduct: null,
  selectedCategory: null,
  isCartOpen: false,
  showSuspicious: false,
  currentPage: 'home',
};

function save(){
  localStorage.setItem('tz-cart', JSON.stringify(S.cart));
  localStorage.setItem('tz-user', JSON.stringify(S.user));
  localStorage.setItem('tz-orders', JSON.stringify(S.orders));
}

// ═══════════════════════════════════════════════════════
//  SSE – real-time updates  (one persistent connection)
//  Strategy: payload carries FULL data array → apply in-memory
//  → re-render.  Zero extra HTTP requests for live updates.
// ═══════════════════════════════════════════════════════
let _sseSource = null;
function startSSE(){
  if(_sseSource) return;
  function connect(){
    const es = new EventSource('/api/sse');
    _sseSource = es;
    es.onmessage = e => {
      try{
        const d = JSON.parse(e.data);

        // Products: apply data from SSE directly, else pull from API
        if(d.type === 'products_updated'){
          if(Array.isArray(d.data)){
            S.products = d.data;
            renderCurrentPage();
          } else {
            reloadProducts();
          }
        }

        // Categories: same pattern
        if(d.type === 'categories_updated'){
          if(Array.isArray(d.data)){
            S.categories = d.data;
            renderCurrentPage();
          } else {
            reloadCategories();
          }
        }

        // Ads: same pattern
        if(d.type === 'ads_updated'){
          if(Array.isArray(d.data)){
            S.ads = d.data;
            renderCurrentPage();
          } else {
            reloadAds();
          }
        }

        // Orders: admin sees live order list; regular user sees rejection notif
        if(d.type === 'orders_updated'){
          if(S.user?.is_admin) reloadAdminOrders();
          else if(S.user) loadRejectionNotifs();
        }

      }catch{}
    };
    es.onerror = () => {
      es.close();
      _sseSource = null;
      setTimeout(connect, 5000); // re-connect after 5s
    };
  }
  connect();
}

// Fallback fetch helpers (used when SSE data field is absent or for pull-on-demand)
async function reloadProducts(){
  try{
    const r = await fetch('/api/products');
    const d = await r.json();
    if(d.products){ S.products = d.products; renderCurrentPage(); }
  }catch{}
}
async function reloadCategories(){
  try{
    const r = await fetch('/api/categories');
    const d = await r.json();
    if(d.categories){ S.categories = d.categories; renderCurrentPage(); }
  }catch{}
}
async function reloadAds(){
  try{
    const r = await fetch('/api/ads');
    const d = await r.json();
    if(d.ads){ S.ads = d.ads; renderCurrentPage(); }
  }catch{}
}
let _adminOrders = [];
async function reloadAdminOrders(){
  try{
    const r = await fetch('/api/admin/orders?adminPhone=911');
    const d = await r.json();
    _adminOrders = d.orders || [];
    if(S.currentPage === 'account') renderAccount();
  }catch{}
}

// ═══════════════════════════════════════════════════════
//  NAVIGATION
// ═══════════════════════════════════════════════════════
function navigate(page){
  S.currentPage = page;
  ['home','categories','account'].forEach(p => {
    document.getElementById('page-'+p).style.display = (p===page ? '' : 'none');
  });
  ['home','categories','account'].forEach(p => {
    const btn = document.getElementById('bnav-'+p);
    const bg  = document.getElementById('bnav-'+p+'-bg');
    if(!btn) return;
    if(p===page){ btn.classList.add('active'); if(bg) bg.style.display=''; }
    else { btn.classList.remove('active'); if(bg) bg.style.display='none'; }
    const dna = document.getElementById('dnav-'+p);
    if(dna){ if(p===page) dna.classList.add('active'); else dna.classList.remove('active'); }
  });
  if(page === 'home')       renderHome();
  if(page === 'categories') { S.selectedCategory = null; renderCategories(); }
  if(page === 'account')    renderAccount();
  window.scrollTo(0,0);
}

function renderCurrentPage(){
  if(S.currentPage === 'home')       renderHome();
  if(S.currentPage === 'categories') renderCategories();
  if(S.currentPage === 'account')    renderAccount();
}

// ═══════════════════════════════════════════════════════
//  ICONS (SVG inline)
// ═══════════════════════════════════════════════════════
const ICON = {
  zap:    '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="currentColor" stroke="none"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>',
  star:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="currentColor"><polygon points="12 2 15.09 8.26 22 9.27 17 14.14 18.18 21.02 12 17.77 5.82 21.02 7 14.14 2 9.27 8.91 8.26 12 2"/></svg>',
  eye:    '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/></svg>',
  plus:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="12" y1="5" x2="12" y2="19"/><line x1="5" y1="12" x2="19" y2="12"/></svg>',
  minus:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="5" y1="12" x2="19" y2="12"/></svg>',
  trash:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><polyline points="3 6 5 6 21 6"/><path d="M19 6v14a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V6m3 0V4a1 1 0 0 1 1-1h4a1 1 0 0 1 1 1v2"/></svg>',
  pencil: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M11 4H4a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2v-7"/><path d="M18.5 2.5a2.121 2.121 0 0 1 3 3L12 15l-4 1 1-4 9.5-9.5z"/></svg>',
  x:      '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg>',
  check:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><polyline points="20 6 9 17 4 12"/></svg>',
  cart:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="9" cy="21" r="1"/><circle cx="20" cy="21" r="1"/><path d="M1 1h4l2.68 13.39a2 2 0 0 0 2 1.61h9.72a2 2 0 0 0 2-1.61L23 6H6"/></svg>',
  shield: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/><polyline points="9 12 11 14 15 10"/></svg>',
  warn:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"/><line x1="12" y1="9" x2="12" y2="13"/><line x1="12" y1="17" x2="12.01" y2="17"/></svg>',
  login:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/><polyline points="10 17 15 12 10 7"/><line x1="15" y1="12" x2="3" y2="12"/></svg>',
  user:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"/><circle cx="12" cy="7" r="4"/></svg>',
  phone:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 16.92v3a2 2 0 0 1-2.18 2 19.79 19.79 0 0 1-8.63-3.07A19.5 19.5 0 0 1 4.69 13a19.79 19.79 0 0 1-3.07-8.67A2 2 0 0 1 3.6 2.26h3a2 2 0 0 1 2 1.72c.127.96.361 1.903.7 2.81a2 2 0 0 1-.45 2.11L7.91 9.91a16 16 0 0 0 6.18 6.18l1.71-1.71a2 2 0 0 1 2.11-.45c.907.339 1.85.573 2.81.7A2 2 0 0 1 22 16.92z"/></svg>',
  lock:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="3" y="11" width="18" height="11" rx="2" ry="2"/><path d="M7 11V7a5 5 0 0 1 10 0v4"/></svg>',
  pkg:    '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="16.5" y1="9.4" x2="7.5" y2="4.21"/><path d="M21 16V8a2 2 0 0 0-1-1.73l-7-4a2 2 0 0 0-2 0l-7 4A2 2 0 0 0 3 8v8a2 2 0 0 0 1 1.73l7 4a2 2 0 0 0 2 0l7-4A2 2 0 0 0 21 16z"/><polyline points="3.27 6.96 12 12.01 20.73 6.96"/><line x1="12" y1="22.08" x2="12" y2="12"/></svg>',
  settings:'<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="3"/><path d="M19.4 15a1.65 1.65 0 0 0 .33 1.82l.06.06a2 2 0 0 1 0 2.83 2 2 0 0 1-2.83 0l-.06-.06a1.65 1.65 0 0 0-1.82-.33 1.65 1.65 0 0 0-1 1.51V21a2 2 0 0 1-4 0v-.09A1.65 1.65 0 0 0 9 19.4a1.65 1.65 0 0 0-1.82.33l-.06.06a2 2 0 0 1-2.83-2.83l.06-.06A1.65 1.65 0 0 0 4.68 15a1.65 1.65 0 0 0-1.51-1H3a2 2 0 0 1 0-4h.09A1.65 1.65 0 0 0 4.6 9a1.65 1.65 0 0 0-.33-1.82l-.06-.06a2 2 0 0 1 2.83-2.83l.06.06A1.65 1.65 0 0 0 9 4.68a1.65 1.65 0 0 0 1-1.51V3a2 2 0 0 1 4 0v.09a1.65 1.65 0 0 0 1 1.51 1.65 1.65 0 0 0 1.82-.33l.06-.06a2 2 0 0 1 2.83 2.83l-.06.06A1.65 1.65 0 0 0 19.4 9a1.65 1.65 0 0 0 1.51 1H21a2 2 0 0 1 0 4h-.09a1.65 1.65 0 0 0-1.51 1z"/></svg>',
  logout: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M9 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h4"/><polyline points="16 17 21 12 16 7"/><line x1="21" y1="12" x2="9" y2="12"/></svg>',
  arrow:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="19" y1="12" x2="5" y2="12"/><polyline points="12 19 5 12 12 5"/></svg>',
  arrowr: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="5" y1="12" x2="19" y2="12"/><polyline points="12 5 19 12 12 19"/></svg>',
  truck:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="1" y="3" width="15" height="13"/><polygon points="16 8 20 8 23 11 23 16 16 16 16 8"/><circle cx="5.5" cy="18.5" r="2.5"/><circle cx="18.5" cy="18.5" r="2.5"/></svg>',
  clock:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><polyline points="12 6 12 12 16 14"/></svg>',
  xcircle:'<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="15" y1="9" x2="9" y2="15"/><line x1="9" y1="9" x2="15" y2="15"/></svg>',
  checkcircle:'<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>',
  save:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M19 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h11l5 5v11a2 2 0 0 1-2 2z"/><polyline points="17 21 17 13 7 13 7 21"/><polyline points="7 3 7 8 15 8"/></svg>',
  bell:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18 8A6 6 0 0 0 6 8c0 7-3 9-3 9h18s-3-2-3-9"/><path d="M13.73 21a2 2 0 0 1-3.46 0"/></svg>',
  upload: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><polyline points="16 16 12 12 8 16"/><line x1="12" y1="12" x2="12" y2="21"/><path d="M20.39 18.39A5 5 0 0 0 18 9h-1.26A8 8 0 1 0 3 16.3"/></svg>',
  img:    '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="3" y="3" width="18" height="18" rx="2" ry="2"/><circle cx="8.5" cy="8.5" r="1.5"/><polyline points="21 15 16 10 5 21"/></svg>',
  more:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="5" r="1"/><circle cx="12" cy="12" r="1"/><circle cx="12" cy="19" r="1"/></svg>',
  users:  '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M17 21v-2a4 4 0 0 0-4-4H5a4 4 0 0 0-4 4v2"/><circle cx="9" cy="7" r="4"/><path d="M23 21v-2a4 4 0 0 0-3-3.87"/><path d="M16 3.13a4 4 0 0 1 0 7.75"/></svg>',
  search: '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="11" cy="11" r="8"/><line x1="21" y1="21" x2="16.65" y2="16.65"/></svg>',
  map:    '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M21 10c0 7-9 13-9 13s-9-6-9-13a9 9 0 0 1 18 0z"/><circle cx="12" cy="10" r="3"/></svg>',
  file:   '<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/><line x1="16" y1="13" x2="8" y2="13"/><line x1="16" y1="17" x2="8" y2="17"/><polyline points="10 9 9 9 8 9"/></svg>',
  checkbig:'<svg width="{{s}}" height="{{s}}" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1.5"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>',
};
function icon(name, size=20){
  return (ICON[name]||'').replace(/\\{\\{s\\}\\}/g, size);
}

// ═══════════════════════════════════════════════════════
//  CART
// ═══════════════════════════════════════════════════════
function cartTotal(){ return S.cart.reduce((a,i)=>a+i.quantity,0); }
function cartSubtotal(){ return S.cart.reduce((a,i)=>a+i.price*i.quantity,0); }

function updateCartBadge(){
  const total = cartTotal();
  const b = document.getElementById('cart-badge');
  if(!b) return;
  if(total > 0){ b.textContent = total; b.style.display = 'flex'; }
  else { b.style.display = 'none'; }
}

function addToCart(product){
  const ex = S.cart.find(i=>i.id===product.id);
  if(ex) ex.quantity++;
  else S.cart.push({...product, quantity:1});
  save();
  updateCartBadge();
  if(S.isCartOpen) renderCartContent();
}

function removeFromCart(productId){
  S.cart = S.cart.filter(i=>i.id!==productId);
  save();
  updateCartBadge();
  renderCartContent();
}

function updateQty(productId, qty){
  if(qty <= 0){ removeFromCart(productId); return; }
  const item = S.cart.find(i=>i.id===productId);
  if(item) item.quantity = qty;
  save();
  renderCartContent();
}

function openCart(){
  S.isCartOpen = true;
  document.getElementById('cart-overlay').classList.add('open');
  document.getElementById('cart-drawer').classList.add('open');
  renderCartContent();
}

function closeCart(){
  S.isCartOpen = false;
  document.getElementById('cart-overlay').classList.remove('open');
  document.getElementById('cart-drawer').classList.remove('open');
  setTimeout(()=>{ _cartStep = 'cart'; renderCartContent(); }, 400);
}

let _cartStep = 'cart';
let _cartPhone = '', _cartAddress = '', _cartNotes = '';
let _cartErrors = {};

function renderCartContent(){
  const el = document.getElementById('cart-content');
  const titleEl = document.getElementById('drawer-title');
  const subEl   = document.getElementById('drawer-subtitle');
  if(!el) return;

  if(_cartStep === 'success'){
    titleEl.textContent = 'تم الطلب!';
    subEl.textContent   = '';
    el.innerHTML = \`
      <div class="success-wrap">
        <div class="success-icon">\${icon('checkbig',56)}</div>
        <h2 style="font-family:Cairo,sans-serif;font-size:1.5rem;font-weight:800">تم استلام طلبك!</h2>
        <p style="color:var(--muted-fg);line-height:1.75">شكراً لك على طلبك. سنتواصل معك قريباً على الرقم المقدم لتأكيد التوصيل.</p>
        <button class="btn-primary" style="margin-top:1rem;max-width:240px" onclick="closeCart()">العودة للتسوق</button>
      </div>\`;
    return;
  }

  if(_cartStep === 'checkout'){
    titleEl.textContent = 'تفاصيل الطلب';
    subEl.textContent   = '';
    el.innerHTML = \`
      <div style="flex:1;overflow-y:auto;padding:1rem;display:flex;flex-direction:column;gap:1rem">
        <div class="form-group">
          <div class="field-label">\${icon('phone',16)} رقم الهاتف *</div>
          <input id="co-phone" type="tel" class="field-input \${_cartErrors.phone?'error':''}" placeholder="07xxxxxxxxx" dir="ltr" value="\${_cartPhone}" oninput="_cartPhone=this.value;_cartErrors.phone='';this.classList.remove('error')" />
          \${_cartErrors.phone?'<p class="field-error">'+_cartErrors.phone+'</p>':''}
        </div>
        <div class="form-group">
          <div class="field-label">\${icon('map',16)} العنوان كاملاً *</div>
          <textarea id="co-addr" class="field-input \${_cartErrors.address?'error':''}" rows="3" placeholder="المحافظة، المنطقة، الشارع، رقم المبنى..." oninput="_cartAddress=this.value;_cartErrors.address='';this.classList.remove('error')">\${_cartAddress}</textarea>
          \${_cartErrors.address?'<p class="field-error">'+_cartErrors.address+'</p>':''}
        </div>
        <div class="form-group">
          <div class="field-label">\${icon('file',16)} ملاحظات إضافية (اختياري)</div>
          <textarea id="co-notes" class="field-input" rows="2" placeholder="أي تعليمات خاصة..." oninput="_cartNotes=this.value">\${_cartNotes}</textarea>
        </div>
      </div>
      <div style="border-top:1px solid var(--border);padding:1rem 1rem 2rem;display:flex;gap:.75rem">
        <button class="btn-outline" onclick="_cartStep='cart';renderCartContent()">رجوع</button>
        <button class="btn-primary" onclick="confirmOrder()" style="flex:1">تأكيد الطلب</button>
      </div>\`;
    return;
  }

  // Cart step
  titleEl.textContent = 'سلة المشتريات';
  subEl.textContent   = cartTotal() + ' عناصر';

  if(S.cart.length === 0){
    el.innerHTML = \`
      <div class="empty-cart" style="flex:1">
        \${icon('cart',64)}
        <p style="font-size:1.125rem;font-weight:700">سلتك فارغة</p>
        <p style="font-size:.875rem">أضف منتجات لمتابعة التسوق</p>
      </div>
      <div style="border-top:1px solid var(--border);padding:1rem">
        <button class="btn-secondary" onclick="closeCart()">تصفح المنتجات</button>
      </div>\`;
    return;
  }

  const items = S.cart.map(item=>\`
    <div class="cart-item">
      <img class="cart-item-img" src="\${esc(item.image)}" alt="\${esc(item.name)}" loading="lazy"/>
      <div class="cart-item-info">
        <div class="cart-item-name">\${esc(item.name)}</div>
        <div class="cart-item-price">\${(item.price*item.quantity).toLocaleString()} د.ع</div>
      </div>
      <div class="cart-item-controls">
        <button class="rm-btn" onclick="removeFromCart(\${item.id})">\${icon('trash',14)}</button>
        <div style="display:flex;align-items:center;gap:.25rem">
          <button class="qty-btn" onclick="updateQty(\${item.id},\${item.quantity-1})">\${icon('minus',12)}</button>
          <span class="qty-num">\${item.quantity}</span>
          <button class="qty-btn" onclick="updateQty(\${item.id},\${item.quantity+1})">\${icon('plus',12)}</button>
        </div>
      </div>
    </div>\`).join('');

  const sub = cartSubtotal();
  const shipping = 5000;
  const total = sub + shipping;

  el.innerHTML = \`
    <div style="flex:1;overflow-y:auto;padding:1rem">\${items}</div>
    <div class="drawer-foot">
      <div class="price-row"><span>المجموع الجزئي</span><span>\${sub.toLocaleString()} د.ع</span></div>
      <div class="price-row"><span>رسوم التوصيل</span><span>\${shipping.toLocaleString()} د.ع</span></div>
      <div class="price-row total"><span>الإجمالي</span><span>\${total.toLocaleString()} د.ع</span></div>
      <button class="btn-primary" style="margin-top:.75rem" onclick="goCheckout()">متابعة الطلب</button>
    </div>\`;
}

function goCheckout(){
  if(!S.user){ closeCart(); navigate('account'); return; }
  _cartStep = 'checkout';
  renderCartContent();
}

async function confirmOrder(){
  _cartErrors = {};
  const phone = _cartPhone.trim();
  const addr  = _cartAddress.trim();
  if(!phone || phone.replace(/\\D/g,'').length < 9){ _cartErrors.phone = 'أدخل رقم هاتف صحيح'; }
  if(!addr || addr.length < 10){ _cartErrors.address = 'أدخل العنوان كاملاً'; }
  if(Object.keys(_cartErrors).length){ renderCartContent(); return; }

  const sub      = cartSubtotal();
  const shipping = 5000;
  const total    = sub + shipping;

  if(S.user){
    try{
      await fetch('/api/orders', {
        method:'POST',
        headers:{'Content-Type':'application/json'},
        body: JSON.stringify({
          userPhone: S.user.phone,
          deliveryPhone: phone,
          address: addr,
          notes: _cartNotes,
          total,
          items: S.cart.map(i=>({productId:i.id,productName:i.name,productImage:i.image,price:i.price,quantity:i.quantity})),
        }),
      });
    }catch{}
  }

  S.orders.push({id:'TZ-'+Date.now(), items:[...S.cart], total, phone, address:addr, notes:_cartNotes, date:getDate(), status:'قيد المعالجة'});
  S.cart = [];
  _cartPhone=''; _cartAddress=''; _cartNotes=''; _cartErrors={};
  save();
  updateCartBadge();
  _cartStep = 'success';
  renderCartContent();
}

function getDate(){
  const n=new Date();
  return String(n.getDate()).padStart(2,'0')+'/'+String(n.getMonth()+1).padStart(2,'0')+'/'+n.getFullYear();
}

// ═══════════════════════════════════════════════════════
//  PRODUCT MODAL
// ═══════════════════════════════════════════════════════
let _modalQty = 1;

function openProdModal(product){
  S.selectedProduct = product;
  _modalQty = 1;
  document.getElementById('prod-modal-overlay').classList.add('open');
  document.getElementById('prod-modal').classList.add('open');
  renderProdModal();
}

function closeProdModal(){
  document.getElementById('prod-modal-overlay').classList.remove('open');
  document.getElementById('prod-modal').classList.remove('open');
  S.selectedProduct = null;
}

function renderProdModal(){
  const p = S.selectedProduct;
  if(!p) return;
  const body  = document.getElementById('prod-modal-body');
  const foot  = document.getElementById('prod-modal-foot');
  const title = document.getElementById('prod-modal-title');
  if(!body || !foot) return;
  title.textContent = 'تفاصيل المنتج';

  const discount = p.oldPrice ? Math.round(((p.oldPrice - p.price)/p.oldPrice)*100) : 0;
  const isOos = p.badge === 'نفذت الكمية';

  body.innerHTML = \`
    <img class="modal-img" src="\${esc(p.image)}" alt="\${esc(p.name)}" loading="lazy"/>
    <div class="modal-body">
      <div class="modal-badges">
        \${discount>0?'<span class="badge badge-destructive">خصم '+discount+'%</span>':''}
        \${p.badge && p.badge!=='نفذت الكمية'?'<span class="badge badge-primary">'+esc(p.badge)+'</span>':''}
        \${isOos?'<span class="badge badge-destructive">نفذت الكمية</span>':''}
      </div>
      <h2 class="modal-prod-name">\${esc(p.name)}</h2>
      <div class="modal-rating" style="margin-bottom:.75rem">
        <span style="color:#f59e0b">\${icon('star',16)}</span>
        <span style="font-weight:600">\${p.rating}</span>
        <span style="color:var(--muted-fg);font-size:.875rem">(\${p.reviews.toLocaleString()} تقييم)</span>
      </div>
      <p class="modal-desc">\${esc(p.description)}</p>
      <div class="modal-price-box">
        <div>
          <div class="modal-price-main">\${p.price.toLocaleString()} د.ع</div>
          \${p.oldPrice?'<div class="modal-price-old">'+p.oldPrice.toLocaleString()+' د.ع</div>':''}
        </div>
      </div>
      \${(!isOos && S.user && !S.user.is_admin) ? \`
      <div class="qty-row">
        <span style="font-size:.875rem;font-weight:600">الكمية</span>
        <div class="qty-controls">
          <button class="qty-btn-lg" onclick="_modalQty=Math.max(1,_modalQty-1);renderProdModal()">\${icon('minus',16)}</button>
          <span style="font-weight:700;font-size:1.125rem;min-width:2rem;text-align:center" id="modal-qty-num">\${_modalQty}</span>
          <button class="qty-btn-lg" onclick="_modalQty++;renderProdModal()">\${icon('plus',16)}</button>
        </div>
      </div>
      <div class="qty-total-box">
        <span style="font-size:.875rem;font-weight:600;color:var(--muted-fg)">الإجمالي</span>
        <span style="font-family:Cairo,sans-serif;font-weight:800;font-size:1.125rem;color:var(--primary)">\${(p.price*_modalQty).toLocaleString()} د.ع</span>
      </div>
      \`:''}\`;

  if(isOos){
    foot.innerHTML = '<div class="alert-box alert-err" style="margin-bottom:0">'+icon('warn',16)+' هذا المنتج غير متوفر حالياً</div>';
  } else if(!S.user){
    foot.innerHTML = \`
      <div class="alert-box alert-warn">\${icon('warn',16)} يجب تسجيل الدخول أولاً لإضافة المنتجات للسلة</div>
      <button class="btn-primary" onclick="closeProdModal();navigate('account')">\${icon('login',18)} تسجيل الدخول</button>\`;
  } else if(S.user.is_admin){
    foot.innerHTML = '<p style="text-align:center;color:var(--muted-fg);font-size:.875rem;padding:.5rem 0">أنت في وضع المدير</p>';
  } else if(S.user.suspicious){
    foot.innerHTML = \`
      <div class="alert-box alert-err">\${icon('warn',16)} حسابك موقوف، يرجى التحقق من هويتك أولاً</div>
      <button class="btn-primary" style="background:var(--destructive)" onclick="closeProdModal();openSuspiciousModal()">\${icon('warn',18)} التحقق من الهوية</button>\`;
  } else {
    foot.innerHTML = \`<button class="btn-primary" onclick="addFromModal()">\${icon('cart',18)} أضف للسلة</button>\`;
  }
}

function addFromModal(){
  if(!S.selectedProduct) return;
  for(let i=0;i<_modalQty;i++) addToCart(S.selectedProduct);
  closeProdModal();
}

// ═══════════════════════════════════════════════════════
//  HOME PAGE
// ═══════════════════════════════════════════════════════
let _carouselIdx = 0;
let _carouselTimer = null;
let _carouselLen  = 0;

function renderHome(){
  const el = document.getElementById('page-home');
  if(!el) return;

  const isAdmin = S.user?.is_admin;
  const displayAds = S.ads.length > 0 ? S.ads : [{
    id:0, title:'أحدث التقنيات بين يديك',
    subtitle:'خصومات تصل إلى 40% على الأجهزة الذكية',
    image:'https://images.unsplash.com/photo-1550751827-4bd374c3f58b?w=1200&q=80&fit=crop',
    gradient:'from-blue-600/85 to-background'
  }];

  _carouselLen = displayAds.length;
  if(_carouselIdx >= _carouselLen) _carouselIdx = 0;

  const carouselSlides = displayAds.map((ad,i)=>\\`
    <div class="carousel-slide" id="slide-\${i}" style="display:\${i===_carouselIdx?'':'none'}">
      <img src="\${esc(ad.image)}" alt="\${esc(ad.title)}" loading="\${i===0?'eager':'lazy'}"/>
      <div class="carousel-overlay">
        <h2 class="carousel-title">\${esc(ad.title||'')}</h2>
        \${ad.subtitle?'<p class="carousel-sub">'+esc(ad.subtitle)+'</p>':''}
      </div>
      \${isAdmin ? \`<div class="carousel-admin-btns">
        <button onclick="editAd(\${ad.id})" style="padding:.375rem .75rem;border-radius:.75rem;background:rgba(245,158,11,.9);color:#000;font-size:.75rem;font-weight:700;display:flex;align-items:center;gap:.375rem">\${icon('pencil',12)} تعديل</button>
        <button onclick="deleteAd(\${ad.id})" style="padding:.375rem .75rem;border-radius:.75rem;background:rgba(239,68,68,.9);color:#fff;font-size:.75rem;font-weight:700;display:flex;align-items:center;gap:.375rem">\${icon('trash',12)} حذف</button>
      </div>\` : ''}\`;
  }).join('');

  const carouselDots = displayAds.length > 1
    ? '<div class="carousel-dots">'+displayAds.map((_,i)=>\\`<button class="carousel-dot \${i===_carouselIdx?'active':''}" onclick="carouselGo(\${i})"></button>\`).join('')+'</div>'
    : '';

  const saleProducts = S.products.filter(p=>p.oldPrice);
  const dealsSection = saleProducts.length > 0 ? \\`
    <section style="margin-top:2.5rem;padding-bottom:1rem">
      <div class="deals-header">
        <div class="deals-icon">\${icon('zap',20)}</div>
        <h3 class="section-title">عروض لا تفوت</h3>
      </div>
      <div class="prod-grid">\${saleProducts.map((p,i)=>productCardHTML(p,i,true,true)).join('')}</div>
    </section>\\` : '';

  el.innerHTML = \\`
    <div style="padding-bottom:1.5rem;padding-top:1rem">
      \${isAdmin ? \`<div class="admin-bar">
        <span class="admin-bar-label">إدارة الإعلانات</span>
        <button class="add-btn-admin" onclick="openAddAdModal()">\${icon('plus',14)} إضافة إعلان</button>
      </div>\` : ''}
      <div style="padding:0 1rem">
        <div class="carousel-wrap">
          <div id="carousel-slides">\${carouselSlides}</div>
        </div>
        \${carouselDots}
      </div>

      <section style="margin-top:2.5rem;padding:0 1rem 1rem">
        <div class="section-header">
          <h3 class="section-title">تسوق حسب القسم</h3>
          <a href="#" class="section-link" onclick="navigate('categories');return false">عرض الكل \${icon('arrow',12)}</a>
        </div>
        <div class="mini-cat-grid">
          \${S.categories.slice(0,8).map(cat=>\\`
            <div class="mini-cat-item" onclick="navigate('categories');setTimeout(()=>selectCategory('\${esc(cat.id)}'),50)">
              <div class="mini-cat-img">
                <img src="\${esc(cat.image)}" alt="\${esc(cat.name)}" loading="lazy"/>
              </div>
              <span class="mini-cat-label">\${esc(cat.name)}</span>
            </div>
          \\`).join('')}
        </div>
      </section>

      \${dealsSection}
    </div>\`;

  startCarousel();
}

function startCarousel(){
  if(_carouselTimer) clearInterval(_carouselTimer);
  if(_carouselLen <= 1) return;
  _carouselTimer = setInterval(()=>carouselGo((_carouselIdx+1)%_carouselLen), 5000);
}

function carouselGo(idx){
  const slides = document.querySelectorAll('.carousel-slide');
  slides.forEach((s,i)=>{ s.style.display = i===idx ? '' : 'none'; });
  const dots = document.querySelectorAll('.carousel-dot');
  dots.forEach((d,i)=>{ if(i===idx) d.classList.add('active'); else d.classList.remove('active'); });
  _carouselIdx = idx;
  if(_carouselTimer) clearInterval(_carouselTimer);
  startCarousel();
}

// ═══════════════════════════════════════════════════════
//  CATEGORIES PAGE
// ═══════════════════════════════════════════════════════
function renderCategories(){
  const el = document.getElementById('page-categories');
  if(!el) return;

  const isAdmin = S.user?.is_admin;

  if(S.selectedCategory){
    renderCategoryProducts(el);
    return;
  }

  // Search state
  const search = _catSearch || '';
  const searchResults = search.trim()
    ? S.products.filter(p => p.name.includes(search) || p.description.includes(search))
    : [];

  el.innerHTML = \\`
    <div style="padding:1rem 0 1rem">
      \${isAdmin ? \`<div class="admin-bar">
        <span class="admin-bar-label">إدارة الأقسام والمنتجات</span>
        <button class="add-btn-admin" onclick="openAddChoiceModal()">\${icon('plus',14)} إضافة</button>
      </div>\` : ''}
      <h2 style="font-family:Cairo,sans-serif;font-size:1.5rem;font-weight:800;margin-bottom:1.25rem">الأقسام</h2>
      <div class="search-wrap">
        <span class="search-icon">\${icon('search',18)}</span>
        <input type="search" placeholder="ابحث عن منتج..." value="\${esc(search)}"
          oninput="_catSearch=this.value;renderCategories()"
          style="padding:.75rem 3rem;width:100%;background:var(--secondary);border:1px solid var(--border);border-radius:.75rem;color:var(--fg)"/>
        \${search?'<button class="search-clear" onclick="_catSearch=\\'\\';renderCategories()">'+icon('x',16)+'</button>':''}
      </div>

      \${search && searchResults.length===0 ? '<p style="color:var(--muted-fg);font-size:.875rem">لا توجد نتائج</p>' : ''}
      \${search && searchResults.length > 0 ? \`
        <p class="search-results-info">وُجد \${searchResults.length} منتج</p>
        <div class="prod-grid">\${searchResults.map((p,i)=>productCardHTML(p,i,true,true)).join('')}</div>
      \` : ''}

      \${!search ? \`<div class="cat-grid">
        \${S.categories.map((cat,i)=>\\`
          <div class="cat-card \${isAdmin?'relative':''}" style="animation-delay:\${i*0.07}s">
            <div class="cat-img-wrap" onclick="selectCategory('\${esc(cat.id)}')">
              <img src="\${esc(cat.image)}" alt="\${esc(cat.name)}" loading="lazy"/>
              <div class="cat-count">\${S.products.filter(p=>p.category===cat.id).length} منتج</div>
            </div>
            <div class="cat-name-wrap" onclick="selectCategory('\${esc(cat.id)}')">
              <h3 class="cat-name">\${esc(cat.name)}</h3>
            </div>
            \${isAdmin?'<div class="dot-menu" style="position:absolute;top:8px;left:8px;z-index:10">'+dotMenuHTML('cat-'+cat.id, [
              {label:'تعديل', icon:'pencil', onclick:'editCategory("'+cat.id+'")'},
              {label:'حذف',   icon:'trash',  onclick:'deleteCategory("'+cat.id+'")', danger:true},
            ])+'</div>':''}
          </div>\`).join('')}
      </div>\` : ''}
    </div>\`;
}

let _catSearch = '';

function selectCategory(id){
  S.selectedCategory = id;
  renderCategories();
}

function renderCategoryProducts(el){
  const cat = S.categories.find(c=>c.id===S.selectedCategory);
  const catProducts = S.products.filter(p=>p.category===S.selectedCategory);
  const isAdmin = S.user?.is_admin;

  el.innerHTML = \\`
    <div style="padding:1rem 0 1rem">
      <button class="back-btn" onclick="S.selectedCategory=null;renderCategories()">
        \${icon('arrowr',18)} \${esc(cat?.name||'الأقسام')}
      </button>
      \${isAdmin ? \`<div class="admin-bar">
        <span class="admin-bar-label">إدارة منتجات هذا القسم</span>
        <button class="add-btn-admin" onclick="openAddProductModal('\${esc(S.selectedCategory||'')}')">\${icon('plus',14)} إضافة منتج</button>
      </div>\` : ''}
      \${catProducts.length===0 ? '<p style="color:var(--muted-fg);text-align:center;padding:3rem 0">لا توجد منتجات في هذا القسم</p>' :
        '<div class="prod-grid">'+catProducts.map((p,i)=>productCardHTML(p,i,isAdmin,true)).join('')+'</div>'}
    </div>\`;
}

// ═══════════════════════════════════════════════════════
//  PRODUCT CARD HTML
// ═══════════════════════════════════════════════════════
function productCardHTML(product, index=0, showAdminMenu=false, showAddBtn=false){
  const isOos = product.badge === 'نفذت الكمية';
  const discount = product.oldPrice ? Math.round(((product.oldPrice-product.price)/product.oldPrice)*100) : 0;
  const isAdmin = S.user?.is_admin;

  return \\`<div class="prod-card \${isOos?'out-of-stock':''}" style="animation-delay:\${index*0.08}s"
      \${!isOos ? 'onclick="openProdModal(S.products.find(p=>p.id==='+product.id+')||S.categories.find(()=>false)||'+JSON.stringify(product)+');void(0)"':''}
    >
    <div class="prod-img-wrap">
      \${isOos?'<div class="prod-badge oos">نفذت الكمية</div>':
        discount>0?'<div class="prod-badge discount">خصم '+discount+'%</div>':
        product.badge?'<div class="prod-badge primary">'+esc(product.badge)+'</div>':''}
      <img src="\${esc(product.image)}" alt="\${esc(product.name)}" loading="lazy"/>
      \${!isOos?'<div class="prod-overlay"><div class="prod-overlay-icon">'+icon('eye',16)+'</div></div>':''}
      \${showAdminMenu && isAdmin ? '<div class="dot-menu" style="position:absolute;top:8px;left:8px;z-index:10" onclick="event.stopPropagation()">'+dotMenuHTML('prod-'+product.id,[
        {label:'تعديل',icon:'pencil',onclick:'editProduct('+product.id+')'},
        {label:'حذف',  icon:'trash', onclick:'deleteProduct('+product.id+')',danger:true},
      ])+'</div>':''}
    </div>
    <div class="prod-body">
      <div class="prod-rating">\${icon('star',12)}<span style="font-weight:600;color:#f59e0b">\${product.rating}</span><span>(\${product.reviews.toLocaleString()})</span></div>
      <h3 class="prod-name">\${esc(product.name)}</h3>
      <div style="margin-top:auto">
        \${product.oldPrice && !isOos ? '<div class="prod-price-old">'+product.oldPrice.toLocaleString()+' د.ع</div>':'' }
        <div class="prod-price">\${product.price.toLocaleString()} د.ع</div>
      </div>
    </div>
  </div>\`;
}

// ═══════════════════════════════════════════════════════
//  ACCOUNT PAGE
// ═══════════════════════════════════════════════════════
let _acctSection  = 'main';
let _acctLoading  = false;
let _acctOrders   = [];
let _acctOrderItems = [];
let _acctSelOrder = null;
let _acctAdminOrders = _adminOrders;
let _acctSelAdminOrder = null;
let _acctRejections = [];
let _acctActionResult = null;
let _acctShowRejectModal = false;
let _acctRejectReason    = '';
let _acctRejectingId     = null;
let _settingsSaving = false;
let _settingsError  = '';
let _settingsSuccess= '';
let _editName  = '';
let _editPhone = '';
let _acctShowLogoutConfirm = false;

function renderAccount(){
  const el = document.getElementById('page-account');
  if(!el) return;

  if(!S.user){
    renderLoginForm(el);
    return;
  }

  if(_acctSection === 'orders')         renderOrdersSection(el);
  else if(_acctSection === 'order-detail') renderOrderDetail(el);
  else if(_acctSection === 'settings')  renderSettingsSection(el);
  else if(_acctSection === 'admin-orders') renderAdminOrdersSection(el);
  else if(_acctSection === 'admin-order-detail') renderAdminOrderDetail(el);
  else                                   renderAccountMain(el);
}

// --- Login / Register ---
let _authIsReg  = false;
let _authPhone  = '';
let _authPwd    = '';
let _authName   = '';
let _authError  = '';
let _authLoading= false;
let _pendingCaptcha = false;
let _captchaAction  = null;

function renderLoginForm(el){
  const isAdmin = _authPhone.trim() === '911';
  el.innerHTML = \\`
    <div class="page-wrap">
      <div class="auth-card">
        <div class="auth-icon-wrap">\${icon('user',24)}</div>
        <h2 style="font-family:Cairo,sans-serif;font-size:1.5rem;font-weight:800;text-align:center;margin-bottom:.25rem">
          \${_authIsReg?'إنشاء حساب':'تسجيل الدخول'}
        </h2>
        <p style="text-align:center;font-size:.875rem;color:var(--muted-fg);margin-bottom:1.5rem">
          \${_authIsReg?'أنشئ حسابك في تيك زون':'مرحباً بك في تيك زون'}
        </p>

        <form onsubmit="handleAuthSubmit(event)">
          \${_authIsReg ? \`<div class="form-group">
            <div class="field-label">\${icon('user',14)} الاسم الكامل *</div>
            <input class="field-input" type="text" value="\${esc(_authName)}" oninput="_authName=this.value;_authError=''" placeholder="مثال: أحمد محمد"/>
          </div>\` : ''}

          <div class="form-group">
            <div class="field-label">\${icon('phone',14)} رقم الهاتف *</div>
            <input class="field-input" type="tel" value="\${esc(_authPhone)}" oninput="_authPhone=this.value;_authError=''" placeholder="07xxxxxxxxx" dir="ltr"/>
          </div>

          <div class="form-group">
            <div class="field-label">\${icon('lock',14)} كلمة المرور *</div>
            <input class="field-input" type="password" value="\${esc(_authPwd)}" oninput="_authPwd=this.value;_authError=''" placeholder="••••••••" dir="ltr"/>
          </div>

          \${_authError ? \`<div class="alert-box alert-err" style="margin-bottom:.75rem">\${icon('warn',14)} \${esc(_authError)}</div>\`:''}

          <button type="submit" class="btn-primary" \${_authLoading?'disabled':''}>
            \${_authLoading?'<span>جاري الدخول...</span>': (isAdmin&&!_authIsReg?'دخول الإدارة':_authIsReg?'التالي: التحقق من الهوية':'التالي: التحقق من الهوية')}
          </button>
        </form>

        <div style="margin-top:1.5rem;text-align:center;font-size:.875rem">
          <span style="color:var(--muted-fg)">\${_authIsReg?'لديك حساب بالفعل؟ ':'ليس لديك حساب؟ '}</span>
          <button onclick="toggleAuthMode()" style="font-weight:700;color:var(--primary)">\${_authIsReg?'سجل دخولك':'سجل الآن'}</button>
        </div>
      </div>
      <p style="text-align:center;font-size:.75rem;color:var(--muted-fg);margin-top:1rem">
        يُطلب منك التحقق البشري في كل عملية تسجيل دخول لحماية حسابك
      </p>
    </div>\`;
}

function toggleAuthMode(){ _authIsReg = !_authIsReg; _authError = ''; renderAccount(); }

async function handleAuthSubmit(e){
  e.preventDefault();
  _authError = '';
  const isAdmin = _authPhone.trim() === '911';
  const cleaned = _authPhone.replace(/\\D/g,'');

  if(!isAdmin && cleaned.length < 9){ _authError = 'أدخل رقم هاتف صحيح (9 أرقام على الأقل)'; renderAccount(); return; }
  if(!_authPwd || _authPwd.length < 6){ _authError = 'كلمة المرور يجب أن تكون 6 أحرف على الأقل'; renderAccount(); return; }
  if(_authIsReg && !_authName.trim()){ _authError = 'يرجى إدخال الاسم الكامل'; renderAccount(); return; }

  if(isAdmin){
    _authLoading = true; renderAccount();
    try{
      const res = await fetch('/api/auth/login',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({phone:'911',password:_authPwd})});
      const d = await res.json();
      if(!res.ok){ _authError = d.error==='wrong_password'?'كلمة المرور غير صحيحة':'حدث خطأ'; }
      else{ S.user = {...d.user, is_admin:true}; save(); _authPhone='';_authPwd='';_authName=''; _acctSection='main'; }
    }catch{ _authError='تعذّر الاتصال بالخادم'; }
    _authLoading = false; renderAccount(); return;
  }

  // Show captcha
  openCaptchaModal('auth');
}

function openCaptchaModal(action){
  _captchaAction = action;
  const c = document.getElementById('captcha-container');
  c.innerHTML = \\`
    <div id="captcha-overlay">
      <div class="captcha-box">
        <div style="display:flex;flex-direction:column;align-items:center;margin-bottom:1.5rem">
          <div style="width:56px;height:56px;border-radius:1rem;background:rgba(59,130,246,.1);display:flex;align-items:center;justify-content:center;margin-bottom:1rem;color:var(--primary)">\${icon('shield',28)}</div>
          <h2 style="font-family:Cairo,sans-serif;font-size:1.25rem;font-weight:800">التحقق من الهوية</h2>
          <p style="font-size:.875rem;color:var(--muted-fg);margin-top:.25rem">أثبت أنك لست روبوتاً للمتابعة</p>
        </div>
        <div id="recaptcha-widget" style="display:flex;justify-content:center;margin-bottom:1rem"></div>
        <div id="captcha-error" style="color:var(--destructive);font-size:.75rem;margin-bottom:.75rem;display:none">يرجى إتمام التحقق أولاً</div>
        <div style="display:flex;gap:.75rem">
          <button class="cancel-btn" onclick="closeCaptchaModal()">إلغاء</button>
          <button class="btn-primary" onclick="verifyCaptcha()" style="flex:1">تحقق</button>
        </div>
      </div>
    </div>\`;

  // Render reCAPTCHA
  if(window.grecaptcha){
    try{
      window._captchaWidgetId = grecaptcha.render('recaptcha-widget', {
        sitekey: '6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI',
        callback: (token) => { window._captchaToken = token; },
        hl: 'ar',
      });
    }catch{}
  }
}

function closeCaptchaModal(){
  document.getElementById('captcha-container').innerHTML = '';
  _captchaAction = null;
  window._captchaToken = null;
}

async function verifyCaptcha(){
  const token = window._captchaToken || '';
  if(!token){ document.getElementById('captcha-error').style.display='block'; return; }
  closeCaptchaModal();
  if(_captchaAction === 'auth')        await doAuthWithCaptcha(token);
  if(_captchaAction === 'clear-susp')  await doClearSuspicious(token);
}

async function doAuthWithCaptcha(token){
  _authLoading = true; renderAccount();
  try{
    const endpoint = _authIsReg ? '/api/auth/register' : '/api/auth/login';
    const body = {phone:_authPhone, password:_authPwd, recaptchaToken:token};
    if(_authIsReg) body.name = _authName;
    const res = await fetch(endpoint,{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify(body)});
    const d   = await res.json();
    if(!res.ok){
      if(d.error==='recaptcha_failed') _authError = 'فشل التحقق من reCAPTCHA، حاول مجدداً';
      else if(d.error==='phone_exists') _authError = 'رقم الهاتف مسجّل مسبقاً، حاول تسجيل الدخول';
      else if(d.error==='not_found') _authError = 'لا يوجد حساب بهذا الرقم، قم بالتسجيل أولاً';
      else if(d.error==='wrong_password') _authError = 'كلمة المرور غير صحيحة';
      else _authError = 'حدث خطأ، حاول مجدداً';
    } else {
      S.user = d.user; save();
      _authPhone=''; _authPwd=''; _authName=''; _authError=''; _acctSection='main';
      if(d.user.suspicious) openSuspiciousModal();
      loadRejectionNotifs();
    }
  }catch{ _authError='تعذّر الاتصال بالخادم'; }
  _authLoading = false; renderAccount();
}

async function loadRejectionNotifs(){
  if(!S.user || S.user.is_admin) return;
  try{
    const r = await fetch('/api/notifications/'+encodeURIComponent(S.user.phone));
    const d = await r.json();
    _acctRejections = d.rejections || [];
    if(_acctRejections.length > 0 && _acctSection === 'main') renderAccount();
  }catch{}
}

async function ackNotifications(){
  if(!S.user) return;
  try{
    await fetch('/api/notifications/'+encodeURIComponent(S.user.phone)+'/ack',{method:'POST'});
    _acctRejections = [];
    renderAccount();
  }catch{}
}

// --- Account Main ---
function renderAccountMain(el){
  const u = S.user;
  const initials = u.name ? u.name.charAt(0) : '؟';
  const isAdmin = u.is_admin;

  const rejBanner = !isAdmin && _acctRejections.length > 0 ? \\`
    <div class="notif-banner">
      <div style="display:flex;align-items:center;justify-content:space-between;margin-bottom:.5rem">
        <div style="display:flex;align-items:center;gap:.5rem;font-weight:700;color:var(--amber)">\${icon('bell',16)} إشعارات الطلبات (\${_acctRejections.length})</div>
        <button onclick="ackNotifications()" style="font-size:.75rem;color:var(--muted-fg)">تجاهل الكل</button>
      </div>
      \${_acctRejections.map(r=>\\`
        <div class="notif-item">
          <div style="font-size:.875rem;font-weight:700;color:var(--destructive)">طلب #\${r.id} مرفوض</div>
          <div style="font-size:.8125rem;color:var(--muted-fg);margin-top:.25rem">السبب: \${esc(r.rejection_reason||'')}</div>
          <div style="font-size:.75rem;color:var(--muted-fg);margin-top:.125rem">الإجمالي: \${r.total?.toLocaleString()||0} د.ع • \${esc(r.date||'')}</div>
        </div>\`).join('')}
    </div>\` : '';

  el.innerHTML = \\`
    <div class="page-wrap">
      \${rejBanner}
      <div class="user-card">
        <div style="display:flex;align-items:center;gap:1rem;margin-bottom:1.25rem">
          <div class="user-avatar">\${initials}</div>
          <div>
            <div style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700">\${esc(u.name)}</div>
            <div style="font-size:.875rem;color:var(--muted-fg)">\${esc(u.phone)}</div>
            \${isAdmin?'<span style="font-size:.75rem;font-weight:700;color:var(--amber);background:rgba(245,158,11,.1);padding:.125rem .5rem;border-radius:999px">مدير</span>':''}
          </div>
        </div>
      </div>

      \${isAdmin ? \`
      <div onclick="loadAdminOrders()" class="menu-item">
        <div class="menu-item-left">
          <div class="menu-item-icon">\${icon('users',18)}</div>
          <span style="font-weight:600">إدارة الطلبات</span>
        </div>
        \${icon('arrowr',18)}
      </div>\` : \`
      <div onclick="loadUserOrders()" class="menu-item">
        <div class="menu-item-left">
          <div class="menu-item-icon">\${icon('pkg',18)}</div>
          <span style="font-weight:600">طلباتي</span>
        </div>
        \${icon('arrowr',18)}
      </div>\`}

      <div onclick="openSettingsSection()" class="menu-item">
        <div class="menu-item-left">
          <div class="menu-item-icon">\${icon('settings',18)}</div>
          <span style="font-weight:600">الإعدادات</span>
        </div>
        \${icon('arrowr',18)}
      </div>

      <div onclick="if(confirm('هل تريد تسجيل الخروج؟'))doLogout()" class="menu-item" style="border:1px solid rgba(239,68,68,.2)">
        <div class="menu-item-left">
          <div class="menu-item-icon" style="background:rgba(239,68,68,.1);color:var(--destructive)">\${icon('logout',18)}</div>
          <span style="font-weight:600;color:var(--destructive)">تسجيل الخروج</span>
        </div>
      </div>
    </div>\`;
}

function doLogout(){
  S.user = null; S.cart = []; save(); updateCartBadge();
  _acctSection = 'main'; _acctRejections = [];
  _authPhone=''; _authPwd=''; _authName=''; _authError='';
  renderAccount();
}

// --- Orders ---
async function loadUserOrders(){
  if(!S.user) return;
  _acctLoading = true; _acctSection = 'orders'; renderAccount();
  try{
    const r = await fetch('/api/orders?phone='+encodeURIComponent(S.user.phone));
    const d = await r.json();
    _acctOrders = d.orders || [];
  }catch{ _acctOrders = []; }
  _acctLoading = false; renderAccount();
}

function renderOrdersSection(el){
  const statusBadge = status => {
    if(status==='تم التوصيل') return '<span class="status-badge status-delivered">'+icon('checkcircle',12)+' تم التوصيل</span>';
    if(status==='مرفوض')      return '<span class="status-badge status-rejected">'+icon('xcircle',12)+' مرفوض</span>';
    return '<span class="status-badge status-pending">'+icon('clock',12)+' قيد المعالجة</span>';
  };

  el.innerHTML = \\`
    <div class="page-wrap">
      <button class="back-btn" onclick="_acctSection='main';renderAccount()">\${icon('arrowr',18)} طلباتي</button>
      \${_acctLoading ? '<p style="color:var(--muted-fg);text-align:center;padding:3rem 0">جاري التحميل...</p>' :
        _acctOrders.length === 0 ? '<p style="color:var(--muted-fg);text-align:center;padding:3rem 0">لا توجد طلبات بعد</p>' :
        _acctOrders.map(o=>\\`
          <div class="order-card" onclick="loadOrderDetail(\${o.id})">
            <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:.5rem">
              <span style="font-family:Cairo,sans-serif;font-weight:700">طلب #\${o.id}</span>
              \${statusBadge(o.status)}
            </div>
            <div style="font-size:.8125rem;color:var(--muted-fg)">\${esc(o.date||'')} • \${(o.total||0).toLocaleString()} د.ع</div>
          </div>\`).join('')}
    </div>\`;
}

async function loadOrderDetail(orderId){
  if(!S.user) return;
  _acctSelOrder = _acctOrders.find(o=>o.id===orderId) || null;
  _acctSection = 'order-detail'; renderAccount();
  try{
    const r = await fetch('/api/orders/'+orderId+'?phone='+encodeURIComponent(S.user.phone));
    const d = await r.json();
    _acctOrderItems = d.items || [];
    renderAccount();
  }catch{ _acctOrderItems = []; }
}

function renderOrderDetail(el){
  const o = _acctSelOrder;
  if(!o){ el.innerHTML = '<div class="page-wrap"><button class="back-btn" onclick="_acctSection=\'orders\';renderAccount()">رجوع</button></div>'; return; }

  const statusBadge = s => {
    if(s==='تم التوصيل') return '<span class="status-badge status-delivered">'+icon('checkcircle',12)+' تم التوصيل</span>';
    if(s==='مرفوض')      return '<span class="status-badge status-rejected">'+icon('xcircle',12)+' مرفوض</span>';
    return '<span class="status-badge status-pending">'+icon('clock',12)+' قيد المعالجة</span>';
  };

  el.innerHTML = \\`
    <div class="page-wrap">
      <button class="back-btn" onclick="_acctSection='orders';renderAccount()">\${icon('arrowr',18)} طلب #\${o.id}</button>
      <div class="user-card">
        <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:.75rem">
          <span style="font-family:Cairo,sans-serif;font-weight:700">طلب #\${o.id}</span>
          \${statusBadge(o.status)}
        </div>
        <div style="font-size:.875rem;color:var(--muted-fg);display:flex;flex-direction:column;gap:.25rem">
          <div>\${icon('clock',14)} التاريخ: \${esc(o.date||'')}</div>
          <div>\${icon('map',14)} العنوان: \${esc(o.address||'')}</div>
          <div>\${icon('phone',14)} الهاتف: \${esc(o.delivery_phone||'')}</div>
          \${o.notes?'<div>'+icon('file',14)+' ملاحظات: '+esc(o.notes)+'</div>':''}
          \${o.rejection_reason?'<div style="color:var(--destructive)">'+icon('xcircle',14)+' سبب الرفض: '+esc(o.rejection_reason)+'</div>':''}
        </div>
      </div>
      <h3 style="font-family:Cairo,sans-serif;font-weight:700;margin-bottom:.75rem">المنتجات</h3>
      \${_acctOrderItems.map(item=>\\`
        <div class="order-card" style="cursor:default;display:flex;align-items:center;gap:.75rem">
          <img src="\${esc(item.product_image||'')}" style="width:48px;height:48px;border-radius:.5rem;object-fit:contain;background:rgba(255,255,255,.04)"/>
          <div style="flex:1">
            <div style="font-size:.875rem;font-weight:600">\${esc(item.product_name||'')}</div>
            <div style="font-size:.8125rem;color:var(--muted-fg)">\${(item.price||0).toLocaleString()} د.ع × \${item.quantity||1}</div>
          </div>
          <div style="font-weight:700;color:var(--primary)">\${((item.price||0)*(item.quantity||1)).toLocaleString()} د.ع</div>
        </div>\`).join('')}
      <div style="margin-top:1rem;padding:1rem;background:var(--secondary);border-radius:.75rem">
        <div class="price-row"><span>الإجمالي</span><span style="font-weight:700;color:var(--primary)">\${(o.total||0).toLocaleString()} د.ع</span></div>
      </div>
    </div>\`;
}

// --- Admin Orders ---
async function loadAdminOrders(){
  _acctLoading = true; _acctSection = 'admin-orders'; renderAccount();
  try{
    const r = await fetch('/api/admin/orders?adminPhone=911');
    const d = await r.json();
    _adminOrders = d.orders || [];
    _acctAdminOrders = _adminOrders;
  }catch{ _acctAdminOrders = []; }
  _acctLoading = false; renderAccount();
}

function renderAdminOrdersSection(el){
  el.innerHTML = \\`
    <div class="page-wrap">
      <button class="back-btn" onclick="_acctSection='main';renderAccount()">\${icon('arrowr',18)} إدارة الطلبات</button>
      \${_acctActionResult ? \`<div class="alert-box \${_acctActionResult.type==='success'?'alert-warn':'alert-err'}" style="margin-bottom:1rem">\${_acctActionResult.msg}</div>\` : ''}
      \${_acctLoading ? '<p style="color:var(--muted-fg);text-align:center;padding:3rem 0">جاري التحميل...</p>' :
        _acctAdminOrders.length === 0 ? '<p style="color:var(--muted-fg);text-align:center;padding:3rem 0">لا توجد طلبات</p>' :
        _acctAdminOrders.map(o=>\\`
          <div class="order-card" onclick="selectAdminOrder(\${o.id})">
            <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:.5rem">
              <div>
                <span style="font-family:Cairo,sans-serif;font-weight:700">طلب #\${o.id}</span>
                <span style="font-size:.8125rem;color:var(--muted-fg);margin-right:.5rem">\${esc(o.user_name||o.user_phone||'')}</span>
              </div>
              \${statusBadge(o.status)}
            </div>
            <div style="font-size:.8125rem;color:var(--muted-fg)">\${esc(o.date||'')} • \${(o.total||0).toLocaleString()} د.ع</div>
          </div>\`).join('')}
    </div>\`;
}

function statusBadge(s){
  if(s==='تم التوصيل') return '<span class="status-badge status-delivered">'+icon('checkcircle',12)+' تم التوصيل</span>';
  if(s==='مرفوض')      return '<span class="status-badge status-rejected">'+icon('xcircle',12)+' مرفوض</span>';
  return '<span class="status-badge status-pending">'+icon('clock',12)+' قيد المعالجة</span>';
}

function selectAdminOrder(id){
  _acctSelAdminOrder = _acctAdminOrders.find(o=>o.id===id) || null;
  _acctSection = 'admin-order-detail';
  _acctActionResult = null;
  renderAccount();
}

function renderAdminOrderDetail(el){
  const o = _acctSelAdminOrder;
  if(!o){ el.innerHTML='<div class="page-wrap"><button class="back-btn" onclick="_acctSection=\'admin-orders\';renderAccount()">رجوع</button></div>'; return; }

  const items = o.items || [];

  el.innerHTML = \\`
    <div class="page-wrap">
      <button class="back-btn" onclick="_acctSection='admin-orders';renderAccount()">\${icon('arrowr',18)} طلب #\${o.id}</button>
      \${_acctActionResult ? \`<div class="alert-box \${_acctActionResult.type==='success'?'alert-warn':'alert-err'}" style="margin-bottom:1rem">\${_acctActionResult.msg}</div>\` : ''}
      <div class="user-card">
        <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:.75rem">
          <span style="font-family:Cairo,sans-serif;font-weight:700">طلب #\${o.id}</span>
          \${statusBadge(o.status)}
        </div>
        <div style="font-size:.875rem;color:var(--muted-fg);display:flex;flex-direction:column;gap:.25rem">
          <div>\${icon('user',14)} العميل: \${esc(o.user_name||'')} (\${esc(o.user_phone||'')})</div>
          <div>\${icon('phone',14)} الهاتف: \${esc(o.delivery_phone||'')}</div>
          <div>\${icon('map',14)} العنوان: \${esc(o.address||'')}</div>
          \${o.notes?'<div>'+icon('file',14)+' ملاحظات: '+esc(o.notes)+'</div>':''}
          \${o.rejection_reason?'<div style="color:var(--destructive)">'+icon('xcircle',14)+' سبب الرفض: '+esc(o.rejection_reason)+'</div>':''}
        </div>
      </div>
      <h3 style="font-family:Cairo,sans-serif;font-weight:700;margin-bottom:.75rem">المنتجات</h3>
      \${items.map(item=>\\`
        <div class="order-card" style="cursor:default;display:flex;align-items:center;gap:.75rem">
          <img src="\${esc(item.product_image||'')}" style="width:48px;height:48px;border-radius:.5rem;object-fit:contain;background:rgba(255,255,255,.04)"/>
          <div style="flex:1">
            <div style="font-size:.875rem;font-weight:600">\${esc(item.product_name||'')}</div>
            <div style="font-size:.8125rem;color:var(--muted-fg)">\${(item.price||0).toLocaleString()} د.ع × \${item.quantity||1}</div>
          </div>
          <div style="font-weight:700;color:var(--primary)">\${((item.price||0)*(item.quantity||1)).toLocaleString()} د.ع</div>
        </div>\`).join('')}
      <div style="margin-top:1rem;padding:1rem;background:var(--secondary);border-radius:.75rem">
        <div class="price-row"><span>الإجمالي</span><span style="font-weight:700;color:var(--primary)">\${(o.total||0).toLocaleString()} د.ع</span></div>
      </div>
      \${o.status !== 'تم التوصيل' && o.status !== 'مرفوض' ? \`
      <div style="display:flex;gap:.75rem;margin-top:1rem">
        <button onclick="adminMarkDelivered(\${o.id})" class="btn-primary" style="flex:1">\${icon('truck',16)} تم التوصيل</button>
        <button onclick="openRejectModal(\${o.id})" class="btn-primary" style="flex:1;background:var(--destructive)">\${icon('xcircle',16)} رفض</button>
      </div>\` : ''}
    </div>\`;
}

async function adminMarkDelivered(orderId){
  _acctActionResult = null;
  try{
    const res = await fetch('/api/orders/'+orderId+'/status',{method:'PATCH',headers:{'Content-Type':'application/json'},body:JSON.stringify({status:'تم التوصيل',adminPhone:'911'})});
    if(!res.ok) throw new Error();
    _acctActionResult = {type:'success',msg:'تم تحديث الحالة إلى (تم التوصيل)'};
    if(_acctSelAdminOrder) _acctSelAdminOrder.status = 'تم التوصيل';
    _acctAdminOrders = _acctAdminOrders.map(o=>o.id===orderId?{...o,status:'تم التوصيل'}:o);
  }catch{ _acctActionResult = {type:'error',msg:'حدث خطأ، حاول مجدداً'}; }
  renderAccount();
}

function openRejectModal(orderId){
  _acctRejectingId  = orderId;
  _acctRejectReason = '';
  _acctShowRejectModal = true;
  const c = document.getElementById('admin-modal-container');
  c.innerHTML = \\`
    <div class="reject-modal-overlay" onclick="closeRejectModal()">
      <div class="reject-modal" onclick="event.stopPropagation()">
        <h3 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700;margin-bottom:1rem">رفض الطلب</h3>
        <div class="field-group">
          <label>سبب الرفض *</label>
          <textarea id="reject-reason-input" rows="3" class="field-input" placeholder="اكتب سبب الرفض..." oninput="_acctRejectReason=this.value"></textarea>
        </div>
        <div style="display:flex;gap:.75rem;margin-top:1rem">
          <button class="cancel-btn" onclick="closeRejectModal()">إلغاء</button>
          <button class="btn-primary" style="flex:1;background:var(--destructive)" onclick="confirmReject()">تأكيد الرفض</button>
        </div>
      </div>
    </div>\`;
}

function closeRejectModal(){
  document.getElementById('admin-modal-container').innerHTML = '';
  _acctShowRejectModal = false;
}

async function confirmReject(){
  if(!_acctRejectingId || !_acctRejectReason.trim()) return;
  try{
    const res = await fetch('/api/orders/'+_acctRejectingId+'/reject',{method:'PATCH',headers:{'Content-Type':'application/json'},body:JSON.stringify({reason:_acctRejectReason.trim(),adminPhone:'911'})});
    if(!res.ok) throw new Error();
    _acctActionResult = {type:'success',msg:'تم رفض الطلب'};
    if(_acctSelAdminOrder){ _acctSelAdminOrder.status='مرفوض'; _acctSelAdminOrder.rejection_reason=_acctRejectReason.trim(); }
    _acctAdminOrders = _acctAdminOrders.map(o=>o.id===_acctRejectingId?{...o,status:'مرفوض',rejection_reason:_acctRejectReason.trim()}:o);
  }catch{ _acctActionResult = {type:'error',msg:'حدث خطأ، حاول مجدداً'}; }
  closeRejectModal();
  renderAccount();
}

// --- Settings ---
function openSettingsSection(){
  _editName = S.user?.name || '';
  _editPhone = S.user?.phone || '';
  _settingsError = ''; _settingsSuccess = '';
  _acctSection = 'settings'; renderAccount();
}

function renderSettingsSection(el){
  el.innerHTML = \\`
    <div class="page-wrap">
      <button class="back-btn" onclick="_acctSection='main';renderAccount()">\${icon('arrowr',18)} الإعدادات</button>
      <div class="auth-card">
        <h3 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700;margin-bottom:1.25rem">تعديل البيانات</h3>
        <div class="form-group">
          <div class="field-label">\${icon('user',14)} الاسم الكامل</div>
          <input class="field-input" type="text" value="\${esc(_editName)}" oninput="_editName=this.value;_settingsError='';_settingsSuccess=''"/>
        </div>
        <div class="form-group">
          <div class="field-label">\${icon('phone',14)} رقم الهاتف</div>
          <input class="field-input" type="tel" value="\${esc(_editPhone)}" oninput="_editPhone=this.value;_settingsError='';_settingsSuccess=''" dir="ltr"/>
        </div>
        \${_settingsError ? '<div class="alert-box alert-err">'+icon('warn',14)+' '+esc(_settingsError)+'</div>' : ''}
        \${_settingsSuccess ? '<div class="alert-box alert-warn">'+icon('check',14)+' '+esc(_settingsSuccess)+'</div>' : ''}
        <button class="btn-primary" onclick="saveSettings()" \${_settingsSaving?'disabled':''}>
          \${_settingsSaving?'جاري الحفظ...':icon('save',16)+' حفظ التغييرات'}
        </button>
      </div>
    </div>\`;
}

async function saveSettings(){
  if(!S.user) return;
  _settingsError=''; _settingsSuccess='';
  const nameChanged  = _editName.trim()  && _editName.trim()  !== S.user.name;
  const phoneChanged = _editPhone.trim() && _editPhone.replace(/\\D/g,'') !== S.user.phone.replace(/\\D/g,'');
  if(!nameChanged && !phoneChanged){ _settingsError='لم تقم بأي تغيير'; renderAccount(); return; }
  if(phoneChanged && _editPhone.replace(/\\D/g,'').length < 9){ _settingsError='أدخل رقم هاتف صحيح'; renderAccount(); return; }
  _settingsSaving = true; renderAccount();
  try{
    const body = {phone: S.user.phone};
    if(nameChanged)  body.newName  = _editName.trim();
    if(phoneChanged) body.newPhone = _editPhone.trim();
    const res = await fetch('/api/auth/profile',{method:'PATCH',headers:{'Content-Type':'application/json'},body:JSON.stringify(body)});
    const d   = await res.json();
    if(!res.ok){ _settingsError = d.error==='phone_exists'?'رقم الهاتف مسجّل مسبقاً':d.error||'حدث خطأ'; }
    else{
      if(nameChanged) S.user.name = _editName.trim();
      if(phoneChanged) S.user.phone = _editPhone.replace(/\\s/g,'');
      save(); _settingsSuccess = 'تم حفظ التغييرات بنجاح';
    }
  }catch{ _settingsError='تعذّر الاتصال بالخادم'; }
  _settingsSaving = false; renderAccount();
}

// ═══════════════════════════════════════════════════════
//  SUSPICIOUS MODAL
// ═══════════════════════════════════════════════════════
let _suspStep = 'warning';

function openSuspiciousModal(){
  _suspStep = 'warning';
  renderSuspiciousModal();
  document.getElementById('suspicious-overlay').style.display = 'flex';
}

function closeSuspiciousModal(){
  document.getElementById('suspicious-overlay').style.display = 'none';
}

function renderSuspiciousModal(){
  const c = document.getElementById('susp-content');
  if(_suspStep === 'warning'){
    c.innerHTML = \\`
      <div style="display:flex;flex-direction:column;align-items:center;text-align:center;gap:1rem">
        <div style="width:64px;height:64px;border-radius:1rem;background:rgba(239,68,68,.1);display:flex;align-items:center;justify-content:center;color:var(--destructive)">\${icon('warn',32)}</div>
        <h2 style="font-family:Cairo,sans-serif;font-size:1.25rem;font-weight:800">تنبيه مهم</h2>
        <p style="font-size:.875rem;color:var(--muted-fg);line-height:1.75">
          لقد تم تعليق حسابك بسبب نشاط غير مألوف. لاستمرار الاستخدام، يرجى التحقق من هويتك.
        </p>
        <div style="display:flex;gap:.75rem;width:100%">
          <button class="cancel-btn" onclick="closeSuspiciousModal()" style="flex:1">لاحقاً</button>
          <button class="btn-primary" onclick="_suspStep='captcha';renderSuspiciousModal()" style="flex:1">التحقق الآن</button>
        </div>
      </div>\`;
  } else if(_suspStep === 'captcha'){
    c.innerHTML = \\`
      <div style="display:flex;flex-direction:column;align-items:center;text-align:center;gap:1rem">
        <div style="width:56px;height:56px;border-radius:1rem;background:rgba(59,130,246,.1);display:flex;align-items:center;justify-content:center;color:var(--primary)">\${icon('shield',28)}</div>
        <h2 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:800">التحقق من الهوية</h2>
        <div id="susp-recaptcha" style="display:flex;justify-content:center"></div>
        <div id="susp-err" style="color:var(--destructive);font-size:.75rem;display:none">يرجى إتمام التحقق</div>
        <div style="display:flex;gap:.75rem;width:100%">
          <button class="cancel-btn" onclick="_suspStep='warning';renderSuspiciousModal()">رجوع</button>
          <button class="btn-primary" onclick="verifySuspiciousCaptcha()" style="flex:1">تحقق</button>
        </div>
      </div>\`;
    if(window.grecaptcha){
      try{
        window._suspCaptchaId = grecaptcha.render('susp-recaptcha',{
          sitekey:'6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI',
          callback: t => { window._suspToken = t; },
          hl:'ar',
        });
      }catch{}
    }
  } else {
    c.innerHTML = \\`
      <div style="display:flex;flex-direction:column;align-items:center;text-align:center;gap:1rem">
        <div style="width:64px;height:64px;border-radius:50%;background:rgba(34,197,94,.1);display:flex;align-items:center;justify-content:center;color:var(--green)">\${icon('checkbig',36)}</div>
        <h2 style="font-family:Cairo,sans-serif;font-size:1.25rem;font-weight:800">تم التحقق بنجاح</h2>
        <p style="color:var(--muted-fg);font-size:.875rem">تم رفع التعليق عن حسابك يمكنك الآن التسوق بحرية.</p>
        <button class="btn-primary" onclick="closeSuspiciousModal()">متابعة التسوق</button>
      </div>\`;
  }
}

async function verifySuspiciousCaptcha(){
  const token = window._suspToken;
  if(!token){ document.getElementById('susp-err').style.display='block'; return; }
  try{
    const res = await fetch('/api/auth/clear-suspicious',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({phone:S.user?.phone,recaptchaToken:token})});
    if(!res.ok) throw new Error();
    if(S.user) S.user.suspicious = false;
    save(); _suspStep = 'done'; renderSuspiciousModal();
  }catch{
    const e = document.getElementById('susp-err');
    if(e){ e.textContent='فشل التحقق، حاول مجدداً'; e.style.display='block'; }
  }
}

async function doClearSuspicious(token){
  try{
    const res = await fetch('/api/auth/clear-suspicious',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({phone:S.user?.phone,recaptchaToken:token})});
    if(res.ok && S.user){ S.user.suspicious=false; save(); renderAccount(); }
  }catch{}
}

// ═══════════════════════════════════════════════════════
//  ADMIN MODALS: ADS / PRODUCTS / CATEGORIES
// ═══════════════════════════════════════════════════════
const GRADIENTS=[
  {label:'أزرق',value:'from-blue-600/85 to-background'},
  {label:'بنفسجي',value:'from-purple-600/85 to-background'},
  {label:'سماوي',value:'from-cyan-600/85 to-background'},
  {label:'أخضر',value:'from-green-600/85 to-background'},
  {label:'برتقالي',value:'from-orange-600/85 to-background'},
  {label:'أحمر',value:'from-red-600/85 to-background'},
  {label:'وردي',value:'from-pink-600/85 to-background'},
];

let _adminModal = null; // current modal state

function openAdminModal(html){
  const c = document.getElementById('admin-modal-container');
  c.innerHTML = \\`<div class="modal-overlay" onclick="event.target===this&&closeAdminModal()">\${html}</div>\`;
}
function closeAdminModal(){
  document.getElementById('admin-modal-container').innerHTML = '';
  _adminModal = null;
}

// ── ADS ──────────────────────────────────────
function openAddAdModal(){ showAdModal(null); }
function editAd(id){ showAdModal(S.ads.find(a=>a.id===id)); }

function showAdModal(ad){
  _adminModal = {
    type:'ad', id:ad?.id||null,
    title:ad?.title||'', subtitle:ad?.subtitle||'',
    image:ad?.image||'', gradient:ad?.gradient||GRADIENTS[0].value,
    loading:false, error:'', uploading:false,
  };
  renderAdModal();
}

function renderAdModal(){
  const m = _adminModal;
  openAdminModal(\\`
    <div class="modal-box" onclick="event.stopPropagation()">
      <div class="modal-head">
        <h3 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700">\${m.id?'تعديل الإعلان':'إضافة إعلان'}</h3>
        <button class="drawer-close" onclick="closeAdminModal()">\${icon('x',18)}</button>
      </div>
      <div class="modal-body-scroll">
        <div class="field-group">
          <label>العنوان</label>
          <input type="text" value="\${esc(m.title)}" oninput="_adminModal.title=this.value" placeholder="عنوان الإعلان"/>
        </div>
        <div class="field-group">
          <label>النص الثانوي</label>
          <input type="text" value="\${esc(m.subtitle)}" oninput="_adminModal.subtitle=this.value" placeholder="نص مساعد للإعلان"/>
        </div>
        <div class="field-group">
          <label>صورة الإعلان *</label>
          \${imageUploadHTML(m.image, 'handleAdImageChange', 'wide')}
        </div>
        <div class="field-group">
          <label>اللون / التدرج</label>
          <div class="gradient-options">
            \${GRADIENTS.map(g=>\\`<button class="gradient-chip \${m.gradient===g.value?'selected':''}" onclick="_adminModal.gradient='\${g.value}';renderAdModal()">\${g.label}</button>\`).join('')}
          </div>
        </div>
        \${m.error?'<div class="alert-box alert-err">'+icon('warn',14)+' '+esc(m.error)+'</div>':''}
      </div>
      <div class="modal-foot-btns">
        <button class="cancel-btn" onclick="closeAdminModal()">إلغاء</button>
        <button class="save-btn" onclick="saveAd()" \${m.loading||m.uploading?'disabled':''}>
          \${m.loading?'<span>جاري الحفظ...</span>':icon('save',18)+' حفظ'}
        </button>
      </div>
    </div>\`);
}

async function handleAdImageChange(file){
  _adminModal.uploading=true; renderAdModal();
  const url = await uploadImageFile(file);
  _adminModal.uploading=false;
  if(url) _adminModal.image = url;
  else _adminModal.error = 'فشل رفع الصورة';
  renderAdModal();
}

async function saveAd(){
  const m = _adminModal;
  if(!m.image.trim()){ m.error='الصورة مطلوبة'; renderAdModal(); return; }
  m.loading=true; renderAdModal();
  try{
    const url = m.id ? '/api/admin/ads/'+m.id : '/api/admin/ads';
    const method = m.id ? 'PUT' : 'POST';
    const res = await fetch(url,{method,headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911',title:m.title,subtitle:m.subtitle,image:m.image,gradient:m.gradient})});
    if(!res.ok){ const d=await res.json(); m.error=d.error||'حدث خطأ'; m.loading=false; renderAdModal(); return; }
    closeAdminModal();
    await reloadAds();
  }catch{ m.error='تعذّر الاتصال'; m.loading=false; renderAdModal(); }
}

async function deleteAd(id){
  if(!confirm('هل تريد حذف هذا الإعلان؟')) return;
  try{
    await fetch('/api/admin/ads/'+id,{method:'DELETE',headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911'})});
    await reloadAds();
  }catch{}
}

// ── PRODUCTS ─────────────────────────────────
let _addChoiceModal = false;
function openAddChoiceModal(){
  const c = document.getElementById('admin-modal-container');
  c.innerHTML = \\`
    <div class="modal-overlay" onclick="event.target===this&&(document.getElementById('admin-modal-container').innerHTML='')">
      <div class="modal-box" onclick="event.stopPropagation()" style="max-width:320px">
        <div class="modal-head">
          <h3 style="font-family:Cairo,sans-serif;font-weight:700">إضافة جديد</h3>
          <button class="drawer-close" onclick="document.getElementById('admin-modal-container').innerHTML=''">\${icon('x',18)}</button>
        </div>
        <div style="padding:1rem;display:flex;flex-direction:column;gap:.75rem">
          <button class="menu-item" onclick="document.getElementById('admin-modal-container').innerHTML='';openAddProductModal(S.selectedCategory||S.categories[0]?.id||'')">
            <div class="menu-item-left"><div class="menu-item-icon">\${icon('pkg',18)}</div><span style="font-weight:600">إضافة منتج</span></div>
            \${icon('arrowr',18)}
          </button>
          <button class="menu-item" onclick="document.getElementById('admin-modal-container').innerHTML='';showCategoryModal(null)">
            <div class="menu-item-left"><div class="menu-item-icon">\${icon('more',18)}</div><span style="font-weight:600">إضافة قسم</span></div>
            \${icon('arrowr',18)}
          </button>
        </div>
      </div>
    </div>\`;
}

function openAddProductModal(defaultCat){
  showProductModal(null, defaultCat);
}
function editProduct(id){
  showProductModal(S.products.find(p=>p.id===id), null);
}

function showProductModal(product, defaultCat){
  const hasDiscount = !!(product?.oldPrice);
  const origPrice   = product?.oldPrice || product?.price || 0;
  const discPct     = product?.oldPrice ? Math.round((1-product.price/product.oldPrice)*100) : 5;

  _adminModal = {
    type:'product', id:product?.id||null,
    name:product?.name||'', image:product?.image||'', description:product?.description||'',
    priceStr: origPrice ? String(origPrice) : '',
    categoryId: product?.category || defaultCat || S.categories[0]?.id || '',
    addDiscount: hasDiscount, discountPct: discPct,
    outOfStock: product?.badge==='نفذت الكمية',
    rating: product?.rating||4.5, reviews: product?.reviews||0,
    badge: product?.badge||'',
    loading:false, error:'', uploading:false,
  };
  renderProductModal();
}

function renderProductModal(){
  const m = _adminModal;
  const price = parseInt(m.priceStr)||0;
  const discountedPrice = m.addDiscount && price > 0 ? Math.round(price*(1-m.discountPct/100)) : 0;

  openAdminModal(\\`
    <div class="modal-box" onclick="event.stopPropagation()">
      <div class="modal-head">
        <h3 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700">\${m.id?'تعديل المنتج':'إضافة منتج'}</h3>
        <button class="drawer-close" onclick="closeAdminModal()">\${icon('x',18)}</button>
      </div>
      <div class="modal-body-scroll">
        <div class="field-group"><label>اسم المنتج *</label><input type="text" value="\${esc(m.name)}" oninput="_adminModal.name=this.value" placeholder="مثال: آيفون 15 برو"/></div>
        <div class="field-group"><label>صورة المنتج *</label>\${imageUploadHTML(m.image,'handleProdImageChange','square')}</div>
        <div class="field-group"><label>الوصف *</label><textarea rows="3" oninput="_adminModal.description=this.value" placeholder="وصف المنتج...">\${esc(m.description)}</textarea></div>
        <div class="field-group"><label>السعر الأصلي (بالدينار) *</label><input type="number" value="\${esc(m.priceStr)}" oninput="_adminModal.priceStr=this.value;renderProductModal()" placeholder="مثال: 1500000" dir="ltr"/></div>

        <div class="field-group"><label>القسم *</label>
          <select oninput="_adminModal.categoryId=this.value">
            \${S.categories.map(c=>\\`<option value="\${esc(c.id)}" \${c.id===m.categoryId?'selected':''}>\${esc(c.name)}</option>\`).join('')}
          </select>
        </div>

        <div class="toggle-row" onclick="_adminModal.addDiscount=!_adminModal.addDiscount;renderProductModal()">
          <span style="font-size:.875rem;font-weight:600">إضافة خصم</span>
          <div class="toggle-switch \${m.addDiscount?'on':''}"><div class="toggle-thumb"></div></div>
        </div>

        \${m.addDiscount ? \`
        <div class="field-group" style="margin-top:.75rem"><label>نسبة الخصم %</label>
          <input type="number" min="1" max="99" value="\${m.discountPct}" oninput="_adminModal.discountPct=parseInt(this.value)||5;renderProductModal()" dir="ltr"/>
          \${price>0&&discountedPrice>0?'<p style="font-size:.8125rem;color:var(--muted-fg);margin-top:.375rem">السعر بعد الخصم: '+discountedPrice.toLocaleString()+' د.ع</p>':''}
        </div>\` : ''}

        <div class="toggle-row" style="margin-top:.5rem" onclick="_adminModal.outOfStock=!_adminModal.outOfStock;renderProductModal()">
          <span style="font-size:.875rem;font-weight:600">نفذت الكمية</span>
          <div class="toggle-switch \${m.outOfStock?'on':''}"><div class="toggle-thumb"></div></div>
        </div>

        \${m.error?'<div class="alert-box alert-err" style="margin-top:.75rem">'+icon('warn',14)+' '+esc(m.error)+'</div>':''}
      </div>
      <div class="modal-foot-btns">
        <button class="cancel-btn" onclick="closeAdminModal()">إلغاء</button>
        <button class="save-btn" onclick="saveProduct()" \${m.loading||m.uploading?'disabled':''}>\${m.loading?'جاري الحفظ...':icon('save',18)+' حفظ'}</button>
      </div>
    </div>\`);
}

async function handleProdImageChange(file){
  _adminModal.uploading=true; renderProductModal();
  const url = await uploadImageFile(file);
  _adminModal.uploading=false;
  if(url) _adminModal.image=url;
  else _adminModal.error='فشل رفع الصورة';
  renderProductModal();
}

async function saveProduct(){
  const m = _adminModal;
  const price = parseInt(m.priceStr)||0;
  const discountedPrice = m.addDiscount && price>0 ? Math.round(price*(1-m.discountPct/100)) : 0;
  const finalPrice    = m.addDiscount ? discountedPrice : price;
  const finalOldPrice = m.addDiscount ? price : null;

  if(!m.name.trim()||!m.image.trim()||!m.description.trim()||!finalPrice||!m.categoryId){
    m.error='يرجى ملء جميع الحقول المطلوبة'; renderProductModal(); return;
  }
  const badge = m.outOfStock ? 'نفذت الكمية' : (m.badge==='نفذت الكمية'?null:m.badge||null);
  const body  = {adminPhone:'911',name:m.name.trim(),image:m.image.trim(),description:m.description.trim(),price:finalPrice,oldPrice:finalOldPrice,category:m.categoryId,rating:m.rating,reviews:m.reviews,badge};
  m.loading=true; renderProductModal();
  try{
    const url    = m.id ? '/api/admin/products/'+m.id : '/api/admin/products';
    const method = m.id ? 'PUT' : 'POST';
    const res    = await fetch(url,{method,headers:{'Content-Type':'application/json'},body:JSON.stringify(body)});
    if(!res.ok){ const d=await res.json(); m.error=d.error||'حدث خطأ'; m.loading=false; renderProductModal(); return; }
    closeAdminModal();
    await reloadProducts();
    if(S.selectedCategory) renderCategories();
  }catch{ m.error='تعذّر الاتصال'; m.loading=false; renderProductModal(); }
}

async function deleteProduct(id){
  if(!confirm('هل تريد حذف هذا المنتج؟')) return;
  try{
    await fetch('/api/admin/products/'+id,{method:'DELETE',headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911'})});
    await reloadProducts();
    renderCurrentPage();
  }catch{}
}

// ── CATEGORIES ────────────────────────────────
function editCategory(id){ showCategoryModal(S.categories.find(c=>c.id===id)); }

function showCategoryModal(cat){
  _adminModal = {type:'category', id:cat?.id||null, name:cat?.name||'', image:cat?.image||'', slug:cat?.id||'', loading:false, error:'', uploading:false};
  renderCategoryModal();
}

function renderCategoryModal(){
  const m = _adminModal;
  openAdminModal(\\`
    <div class="modal-box" onclick="event.stopPropagation()">
      <div class="modal-head">
        <h3 style="font-family:Cairo,sans-serif;font-size:1.125rem;font-weight:700">\${m.id?'تعديل القسم':'إضافة قسم'}</h3>
        <button class="drawer-close" onclick="closeAdminModal()">\${icon('x',18)}</button>
      </div>
      <div class="modal-body-scroll">
        \${!m.id?'<div class="field-group"><label>معرّف القسم (بالإنجليزية) *</label><input type="text" value="'+esc(m.slug)+'" oninput="_adminModal.slug=this.value" placeholder="مثال: smartphones" dir="ltr"/></div>':''}
        <div class="field-group"><label>اسم القسم *</label><input type="text" value="\${esc(m.name)}" oninput="_adminModal.name=this.value" placeholder="مثال: هواتف ذكية"/></div>
        <div class="field-group"><label>صورة القسم *</label>\${imageUploadHTML(m.image,'handleCatImageChange','square')}</div>
        \${m.error?'<div class="alert-box alert-err">'+icon('warn',14)+' '+esc(m.error)+'</div>':''}
      </div>
      <div class="modal-foot-btns">
        <button class="cancel-btn" onclick="closeAdminModal()">إلغاء</button>
        <button class="save-btn" onclick="saveCategory()" \${m.loading||m.uploading?'disabled':''}>\${m.loading?'جاري الحفظ...':icon('save',18)+' حفظ'}</button>
      </div>
    </div>\`);
}

async function handleCatImageChange(file){
  _adminModal.uploading=true; renderCategoryModal();
  const url = await uploadImageFile(file);
  _adminModal.uploading=false;
  if(url) _adminModal.image=url;
  else _adminModal.error='فشل رفع الصورة';
  renderCategoryModal();
}

async function saveCategory(){
  const m = _adminModal;
  if(!m.name.trim()||!m.image.trim()||(!m.id&&!m.slug.trim())){ m.error='يرجى ملء جميع الحقول'; renderCategoryModal(); return; }
  m.loading=true; renderCategoryModal();
  try{
    let res;
    if(m.id){
      res = await fetch('/api/admin/categories/'+m.id,{method:'PUT',headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911',name:m.name.trim(),image:m.image.trim()})});
    } else {
      res = await fetch('/api/admin/categories',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911',slug:m.slug.trim(),name:m.name.trim(),image:m.image.trim()})});
    }
    if(!res.ok){ const d=await res.json(); m.error=d.error==='slug_exists'?'معرّف القسم موجود مسبقاً':d.error||'حدث خطأ'; m.loading=false; renderCategoryModal(); return; }
    closeAdminModal();
    await reloadCategories();
    renderCurrentPage();
  }catch{ m.error='تعذّر الاتصال'; m.loading=false; renderCategoryModal(); }
}

async function deleteCategory(id){
  if(!confirm('هل تريد حذف هذا القسم؟')) return;
  try{
    await fetch('/api/admin/categories/'+id,{method:'DELETE',headers:{'Content-Type':'application/json'},body:JSON.stringify({adminPhone:'911'})});
    if(S.selectedCategory===id) S.selectedCategory=null;
    await reloadCategories();
    renderCurrentPage();
  }catch{}
}

// ═══════════════════════════════════════════════════════
//  IMAGE UPLOAD
// ═══════════════════════════════════════════════════════
function imageUploadHTML(currentUrl, changeHandler, aspectRatio='square'){
  const isWide = aspectRatio==='wide';
  if(currentUrl){
    return \\`<div class="upload-preview" onclick="triggerImageUpload('\${changeHandler}')">
      <img src="\${esc(currentUrl)}" style="height:\${isWide?'128':'160'}px;object-fit:cover;width:100%"/>
      <div class="upload-preview-hover">\${icon('upload',18)} تغيير الصورة</div>
      <input type="file" accept="image/*" style="display:none" id="img-input-\${changeHandler}" onchange="handleFileInputChange(event,'\${changeHandler}')"/>
    </div>\`;
  }
  return \\`<div class="upload-box" onclick="triggerImageUpload('\${changeHandler}')">
    <div style="color:var(--muted-fg)">\${icon('img',32)}</div>
    <div style="font-size:.875rem;font-weight:600">اضغط لرفع صورة</div>
    <div style="font-size:.75rem;color:var(--muted-fg)">JPG, PNG, WEBP — بحد أقصى 10MB</div>
    <input type="file" accept="image/*" style="display:none" id="img-input-\${changeHandler}" onchange="handleFileInputChange(event,'\${changeHandler}')"/>
  </div>\`;
}

function triggerImageUpload(handler){
  const inp = document.getElementById('img-input-'+handler);
  if(inp) inp.click();
}

function handleFileInputChange(event, handler){
  const file = event.target.files?.[0];
  if(!file) return;
  event.target.value='';
  window[handler](file);
}

async function uploadImageFile(file){
  try{
    const fd = new FormData();
    fd.append('image', file);
    const res = await fetch('/api/upload',{method:'POST',body:fd});
    if(!res.ok) return null;
    const d = await res.json();
    return d.url || null;
  }catch{ return null; }
}

// ═══════════════════════════════════════════════════════
//  DOT MENU
// ═══════════════════════════════════════════════════════
let _openDotMenu = null;

function dotMenuHTML(id, options){
  return \\`<div class="dot-menu" id="dotmenu-\${id}">
    <button class="dot-btn" onclick="toggleDotMenu('\${id}',event)">\${icon('more',16)}</button>
    <div class="dot-dropdown" id="dotdrop-\${id}" style="display:none">
      \${options.map(o=>\\`<button class="dot-option \${o.danger?'danger':''}" onclick="\${o.onclick};closeDotMenu()">\${icon(o.icon,16)} \${o.label}</button>\`).join('')}
    </div>
  </div>\`;
}

function toggleDotMenu(id, e){
  e.stopPropagation();
  const dd = document.getElementById('dotdrop-'+id);
  if(!dd) return;
  const isOpen = dd.style.display !== 'none';
  closeDotMenu();
  if(!isOpen){ dd.style.display='block'; _openDotMenu=id; }
}

function closeDotMenu(){
  if(_openDotMenu){
    const dd = document.getElementById('dotdrop-'+_openDotMenu);
    if(dd) dd.style.display='none';
    _openDotMenu=null;
  }
}

document.addEventListener('click', closeDotMenu);

// ═══════════════════════════════════════════════════════
//  UTILS
// ═══════════════════════════════════════════════════════
function esc(str){
  if(str==null) return '';
  return String(str).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;').replace(/'/g,'&#39;');
}

// ═══════════════════════════════════════════════════════
//  LOADING SCREEN - تحسين الحركة
// ═══════════════════════════════════════════════════════
let _loaderStarted = false;

function runLoader(){
  if(_loaderStarted) return;
  _loaderStarted = true;
  
  const bar = document.getElementById('loader-bar');
  const pct = document.getElementById('loader-pct');
  const screen = document.getElementById('loading-screen');
  const app = document.getElementById('app');

  if(!bar || !pct || !screen || !app) {
    setTimeout(runLoader, 100);
    return;
  }

  if(localStorage.getItem('tz-seen-loader')){
    screen.style.display = 'none';
    app.style.display = 'block';
    return;
  }

  let progress = 0;
  let isComplete = false;

  const animateBar = () => {
    if(isComplete) return;
    
    const randomJump = Math.random() * (15 - 3) + 3;
    progress += randomJump;
    
    if(progress > 100) progress = 100;
    
    bar.style.width = progress + '%';
    pct.textContent = Math.floor(progress) + '%';

    if(progress < 100){
      const randomDelay = Math.random() * (400 - 100) + 100;
      setTimeout(animateBar, randomDelay);
    }
  };

  animateBar();

  setTimeout(() => {
    isComplete = true;
    progress = 100;
    bar.style.width = '100%';
    pct.textContent = '100%';
    
    setTimeout(() => {
      screen.style.opacity = '0';
      screen.style.transition = 'opacity 0.5s ease-out';
      
      setTimeout(() => {
        screen.style.display = 'none';
        app.style.display = 'block';
        localStorage.setItem('tz-seen-loader', 'true');
      }, 500);
    }, 800);
  }, 2000);
}

// Start everything after DOM ready
document.addEventListener('DOMContentLoaded', () => {
  try {
    if(typeof navigate === 'function') navigate('home');
    if(typeof updateCartBadge === 'function') updateCartBadge();
    if(typeof startSSE === 'function') startSSE();
    if (typeof S !== 'undefined' && S.user) {
      if(!S.user.is_admin && typeof loadRejectionNotifs === 'function') loadRejectionNotifs();
      if(S.user.suspicious && typeof openSuspiciousModal === 'function') setTimeout(openSuspiciousModal, 800);
    }
  } catch (e) { 
    console.error(e); 
  }
});

runLoader();
</script>
</html>`;
}